mirror of
https://gitcode.com/gh_mirrors/gh/gh-action-pypi-publish.git
synced 2026-07-02 18:27:49 +00:00
twine-upload: only nudge on PyPI-looking domains
Signed-off-by: William Woodruff <william@trailofbits.com>
This commit is contained in:
+8
-2
@@ -59,12 +59,18 @@ elif [[ "${INPUT_USER}" == '__token__' ]]; then
|
||||
echo \
|
||||
'::notice::Using a user-provided API token for authentication' \
|
||||
"against ${INPUT_REPOSITORY_URL}"
|
||||
echo "${TRUSTED_PUBLISHING_NUDGE}"
|
||||
|
||||
if [[ "${INPUT_REPOSITORY_URL}" =~ pypi\.org ]]; then
|
||||
echo "${TRUSTED_PUBLISHING_NUDGE}"
|
||||
fi
|
||||
else
|
||||
echo \
|
||||
'::notice::Using a username + password pair for authentication' \
|
||||
"against ${INPUT_REPOSITORY_URL}"
|
||||
echo "${TRUSTED_PUBLISHING_NUDGE}"
|
||||
|
||||
if [[ "${INPUT_REPOSITORY_URL}" =~ pypi\.org ]]; then
|
||||
echo "${TRUSTED_PUBLISHING_NUDGE}"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[
|
||||
|
||||
Reference in New Issue
Block a user