This commit is contained in:
Sviatoslav Sydorenko
commit
2fa448ab0c
|
|
@ -5,7 +5,7 @@ ci:
|
|||
|
||||
repos:
|
||||
- repo: https://github.com/asottile/add-trailing-comma.git
|
||||
rev: v3.0.0
|
||||
rev: v3.1.0
|
||||
hooks:
|
||||
- id: add-trailing-comma
|
||||
|
||||
|
|
@ -17,12 +17,12 @@ repos:
|
|||
- --honor-noqa
|
||||
|
||||
- repo: https://github.com/Lucas-C/pre-commit-hooks.git
|
||||
rev: v1.5.1
|
||||
rev: v1.5.4
|
||||
hooks:
|
||||
- id: remove-tabs
|
||||
|
||||
- repo: https://github.com/python-jsonschema/check-jsonschema.git
|
||||
rev: 0.23.2
|
||||
rev: 0.27.0
|
||||
hooks:
|
||||
- id: check-github-actions
|
||||
- id: check-github-workflows
|
||||
|
|
@ -62,7 +62,7 @@ repos:
|
|||
language_version: python3
|
||||
|
||||
- repo: https://github.com/codespell-project/codespell
|
||||
rev: v2.2.5
|
||||
rev: v2.2.6
|
||||
hooks:
|
||||
- id: codespell
|
||||
|
||||
|
|
@ -78,7 +78,7 @@ repos:
|
|||
- --strict
|
||||
|
||||
- repo: https://github.com/PyCQA/flake8.git
|
||||
rev: 6.0.0
|
||||
rev: 6.1.0
|
||||
hooks:
|
||||
- id: flake8
|
||||
alias: flake8-no-wps
|
||||
|
|
@ -98,7 +98,7 @@ repos:
|
|||
|
||||
- repo: https://github.com/PyCQA/flake8.git
|
||||
# NOTE: This is kept at v4 for until WPS starts supporting flake v5.
|
||||
rev: 4.0.1 # enforce-version: 4.0.1
|
||||
rev: 6.1.0 # enforce-version: 4.0.1
|
||||
hooks:
|
||||
- id: flake8
|
||||
alias: flake8-only-wps
|
||||
|
|
@ -130,7 +130,7 @@ repos:
|
|||
- wemake-python-styleguide ~= 0.17.0
|
||||
|
||||
- repo: https://github.com/PyCQA/pylint.git
|
||||
rev: v3.0.0a6
|
||||
rev: v3.0.0
|
||||
hooks:
|
||||
- id: pylint
|
||||
args:
|
||||
|
|
|
|||
|
|
@ -5,8 +5,8 @@
|
|||
# pip-compile --allow-unsafe --output-file=requirements/runtime-prerequisites.txt --resolver=backtracking --strip-extras requirements/runtime-prerequisites.in
|
||||
#
|
||||
pip-with-requires-python==1.0.1
|
||||
# via -r requirements/runtime-prerequisites.in
|
||||
# via -r runtime-prerequisites.in
|
||||
|
||||
# The following packages are considered to be unsafe in a requirements file:
|
||||
pip==22.3.1
|
||||
pip==23.3
|
||||
# via pip-with-requires-python
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ cffi==1.15.1
|
|||
# via cryptography
|
||||
charset-normalizer==3.2.0
|
||||
# via requests
|
||||
cryptography==41.0.3
|
||||
cryptography==41.0.6
|
||||
# via secretstorage
|
||||
docutils==0.20.1
|
||||
# via readme-renderer
|
||||
|
|
@ -76,7 +76,7 @@ typing-extensions==4.7.1
|
|||
# via
|
||||
# pydantic
|
||||
# pydantic-core
|
||||
urllib3==2.0.6
|
||||
urllib3==2.0.7
|
||||
# via
|
||||
# requests
|
||||
# twine
|
||||
|
|
|
|||
|
|
@ -40,6 +40,13 @@ INPUT_VERIFY_METADATA="$(get-normalized-input 'verify-metadata')"
|
|||
INPUT_SKIP_EXISTING="$(get-normalized-input 'skip-existing')"
|
||||
INPUT_PRINT_HASH="$(get-normalized-input 'print-hash')"
|
||||
|
||||
PASSWORD_DEPRECATION_NUDGE="::error title=Password-based uploads deprecated::\
|
||||
Starting in 2024, PyPI will require all users to enable Two-Factor \
|
||||
Authentication. This will consequently require all users to switch \
|
||||
to either Trusted Publishers (preferred) or API tokens for package \
|
||||
uploads. Read more: \
|
||||
https://blog.pypi.org/posts/2023-05-25-securing-pypi-with-2fa/"
|
||||
|
||||
TRUSTED_PUBLISHING_NUDGE="::warning title=Upgrade to Trusted Publishing::\
|
||||
Trusted Publishers allows publishing packages to PyPI from automated \
|
||||
environments like GitHub Actions without needing to use username/password \
|
||||
|
|
@ -69,6 +76,7 @@ else
|
|||
"against ${INPUT_REPOSITORY_URL}"
|
||||
|
||||
if [[ "${INPUT_REPOSITORY_URL}" =~ pypi\.org ]]; then
|
||||
echo "${PASSWORD_DEPRECATION_NUDGE}"
|
||||
echo "${TRUSTED_PUBLISHING_NUDGE}"
|
||||
fi
|
||||
fi
|
||||
|
|
|
|||
Loading…
Reference in New Issue