v1.8.8 #169
webknjaz
announced in
Announcements
v1.8.8
#169
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
💅 Cosmetic output improvements
In twine-upload: add a nudge for trusted publishing #167, @woodruffw introduced a nudge-warning encouraging people to start using secretless publishing to PyPI, as suggested by @sethmlarson in Nudge users to use Trusted Publishers when publishing to PyPI and TestPyPI #164, collaborating with @di.
💡 Tip: The OIDC-based trusted publishing integration details can be found in the action README at https://github.com/marketplace/actions/pypi-publish#trusted-publishing and on the PyPI docs page at https://docs.pypi.org/trusted-publishers/. It's gone GA on April 20, 2023, during PyCon: https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/. And the Trail Of Bits blog post has some deeper explanation here: https://blog.trailofbits.com/2023/05/23/trusted-publishing-a-new-benchmark-for-packaging-security/.
🛠️ Internal dependencies
💪 New Contributors
🪞 Full Diff: v1.8.7...v1.8.8
This discussion was created from the release v1.8.8.
Beta Was this translation helpful? Give feedback.
All reactions