Commit Graph

6 Commits

Author SHA1 Message Date
Facundo Tuesca 36978192ca Add nudge message with magic link to create new Trusted Publisher
PR #250

Co-authored-by: Sviatoslav Sydorenko <sviat@redhat.com>
2024-09-05 17:25:58 +02:00
William Woodruff 8a08d61689 Expose PEP 740 attestations functionality
PR #236

This patch adds PEP 740 attestation generation to the workflow: when the Trusted Publishing flow is used, this will generate a publish attestation for each distribution being uploaded. These generated attestations are then fed into `twine`, which newly supports them via `--attestations`.

Ref: https://github.com/pypi/warehouse/issues/15871
2024-09-01 02:50:29 +02:00
Quentin Pradet a5d57af63c Bump runtime dependencies 2023-07-11 09:31:13 +04:00
William Woodruff 2b46bad8cb OIDC beta support
Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
2023-03-15 17:08:09 -04:00
Sviatoslav Sydorenko 0b69a8c2df Document broken pkginfo==1.9.0 transitive dep
Refs:
* https://github.com/pypa/gh-action-pypi-publish/issues/107
2022-11-30 10:32:45 +01:00
Sviatoslav Sydorenko c54db9c2b7 Integrate pip-tools-generated constraint files
This patch adds constraint files with the dependency tree
generated by `pip-compile` under Python 3.9. They are now integrated
into the action container image.

Refs:
* https://github.com/pypa/gh-action-pypi-publish/issues/101
* https://github.com/pypa/gh-action-pypi-publish/issues/107
2022-11-30 10:17:33 +01:00