Tags: pytest-dev/pytest-localserver
Tags
Add a new dev tag to avoid breakage of setuptools-scm Something in setuptools-scm is not capable of dealing with tags that end in .devX where X > 0. I made a .dev1 tag without realizing this, which wound up breaking packaging, but I also made a release from the tag so I can't easily delete it. The easiest way to deal with it seems to be to make another compliant tag, so I'm doing that here.
Convert to trusted publishing I based this change on the official PyPI documentation: https://docs.pypi.org/trusted-publishers/ as well as a blog post walking through an example of how to implement trusted publishing for a Python project: https://pgjones.dev/blog/trusted-plublishing-2023/ The diff is fairly minimal. All it does is remove the password used to authenticate to PyPI, which we don't need anymore, and add a permission needed for trusted publishing to operate. This commit will be accompanied by some configuration in the project settings on PyPI to allow this specific workflow to act as a trusted publisher. Effectively, we're telling PyPI that when this particular workflow (`publish.yml`) contacts it with an OIDC token from Github, then PyPI should accept that as valid authentication and return an API token which can be used to actually upload a package.
PreviousNext