From ba31228bd2d22c108adc4a47f963ccbb075dab26 Mon Sep 17 00:00:00 2001 From: Zeitsperre <10819524+Zeitsperre@users.noreply.github.com> Date: Tue, 5 Sep 2023 17:03:03 -0400 Subject: [PATCH 01/15] first attempt at implementing trusted publishing --- .github/workflows/publish-pypi.yml | 4 +--- .github/workflows/tag-testpypi.yml | 7 +++---- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/.github/workflows/publish-pypi.yml b/.github/workflows/publish-pypi.yml index af9412a52..0fe91e247 100644 --- a/.github/workflows/publish-pypi.yml +++ b/.github/workflows/publish-pypi.yml @@ -8,6 +8,7 @@ on: jobs: build-n-publish-pypi: name: Build and publish Python 🐍 distributions πŸ“¦ to PyPI + environment: PyPI runs-on: ubuntu-latest steps: - uses: actions/checkout@v3.6.0 @@ -21,6 +22,3 @@ jobs: run: flit build - name: Publish distribution πŸ“¦ to PyPI uses: pypa/gh-action-pypi-publish@v1.8.10 - with: - user: __token__ - password: ${{ secrets.PYPI_API_TOKEN }} diff --git a/.github/workflows/tag-testpypi.yml b/.github/workflows/tag-testpypi.yml index 0f7279aa7..efcac1a2d 100644 --- a/.github/workflows/tag-testpypi.yml +++ b/.github/workflows/tag-testpypi.yml @@ -8,6 +8,7 @@ on: jobs: build-n-publish-testpypi: name: Build and publish Python 🐍 distributions πŸ“¦ to TestPyPI + environment: TestPyPI runs-on: ubuntu-latest steps: - uses: actions/checkout@v3.6.0 @@ -22,7 +23,5 @@ jobs: - name: Publish distribution πŸ“¦ to Test PyPI uses: pypa/gh-action-pypi-publish@v1.8.10 with: - user: __token__ - password: ${{ secrets.TEST_PYPI_API_TOKEN }} - repository_url: https://test.pypi.org/legacy/ - skip_existing: true + repository-url: https://test.pypi.org/legacy/ + skip-existing: true From 40d84a3402513fd020dceb3426e3ad403b88592a Mon Sep 17 00:00:00 2001 From: Zeitsperre <10819524+Zeitsperre@users.noreply.github.com> Date: Tue, 5 Sep 2023 17:08:35 -0400 Subject: [PATCH 02/15] take only tags starting with v --- .github/workflows/tag-testpypi.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tag-testpypi.yml b/.github/workflows/tag-testpypi.yml index efcac1a2d..af1556a9e 100644 --- a/.github/workflows/tag-testpypi.yml +++ b/.github/workflows/tag-testpypi.yml @@ -3,7 +3,7 @@ name: Publish Python 🐍 distributions πŸ“¦ to TestPyPI on: push: tags: - - '*' + - 'v*' jobs: build-n-publish-testpypi: From 7baea987539f3df982e95260809c6b883280f566 Mon Sep 17 00:00:00 2001 From: Zeitsperre <10819524+Zeitsperre@users.noreply.github.com> Date: Tue, 5 Sep 2023 17:44:46 -0400 Subject: [PATCH 03/15] fix mastodon publishing action --- .github/workflows/publish-mastodon.yml | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/.github/workflows/publish-mastodon.yml b/.github/workflows/publish-mastodon.yml index 1694767c0..87b0a8cb8 100644 --- a/.github/workflows/publish-mastodon.yml +++ b/.github/workflows/publish-mastodon.yml @@ -9,6 +9,7 @@ on: jobs: build: runs-on: ubuntu-latest + environment: PyPI steps: - name: Checkout @@ -19,16 +20,21 @@ jobs: CURRENT_VERSION="$(grep -E '__version__' xclim/__init__.py | cut -d ' ' -f3)" echo "current_version=${CURRENT_VERSION}" >> $GITHUB_ENV + - name: Prepare Message + run: | + MESSAGE="New #xclim release: v${{ env.current_version }} πŸŽ‰ + + Source code available at: https://github.com/Ouranosinc/xclim + Check out the docs for more information: https://xclim.readthedocs.io/en/v${{ env.current_version }}/" + echo "${MESSAGE}" >> $GITHUB_ENV + - name: Send toot to Mastodon id: mastodon uses: cbrgm/mastodon-github-action@v1.0.3 with: message: | - New #xclim release: v${{ env.current_version }} πŸŽ‰ - - Source code available at: https://github.com/Ouranosinc/xclim - Check out the docs for more information: https://xclim.readthedocs.io/en/v${{ env.current_version }}/ - visibility: "public" # default: public + ${{ env.MESSAGE }} + visibility: "public" env: - MASTODON_URL: ${{ secrets.MASTODON_URL }} # https://example.social - MASTODON_ACCESS_TOKEN: ${{ secrets.MASTODON_ACCESS_TOKEN }} # access token + MASTODON_URL: ${{ secrets.MASTODON_URL }} + MASTODON_ACCESS_TOKEN: ${{ secrets.MASTODON_ACCESS_TOKEN }} From 517317a5a2c9d59d4ea2de75f0fefb1b57bc95e3 Mon Sep 17 00:00:00 2001 From: Zeitsperre <10819524+Zeitsperre@users.noreply.github.com> Date: Tue, 5 Sep 2023 17:45:43 -0400 Subject: [PATCH 04/15] update CHANGES.rst --- CHANGES.rst | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/CHANGES.rst b/CHANGES.rst index c059d400c..b09be0f0b 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -2,6 +2,14 @@ Changelog ========= +v0.46.0 (unreleased) +-------------------- +Contributors to this version: Trevor James Smith (:user:`Zeitsperre`). + +Internal changes +^^^^^^^^^^^^^^^^ +* GitHub deployment workflows now use the "Trusted Publisher" feature to sign and publish the `xclim` wheel and source distributions. + v0.45.0 (2023-09-05) -------------------- Contributors to this version: David Huard (:user:`huard`), Trevor James Smith (:user:`Zeitsperre`), Pascal Bourgault (:user:`aulemahal`), Juliette Lavoie (:user:`juliettelavoie`), Gabriel Rondeau-Genesse (:user:`RondeauG`), Marco Braun (:user:`vindelico`), Γ‰ric Dupuis (:user:`coxipi`). From 9bb7c95b0cb5109e077a1f2316bc3b27cff1ba28 Mon Sep 17 00:00:00 2001 From: Zeitsperre <10819524+Zeitsperre@users.noreply.github.com> Date: Fri, 8 Sep 2023 15:08:55 -0400 Subject: [PATCH 05/15] add necessary token-writing permissions --- .github/workflows/publish-pypi.yml | 3 +++ .github/workflows/tag-testpypi.yml | 3 +++ 2 files changed, 6 insertions(+) diff --git a/.github/workflows/publish-pypi.yml b/.github/workflows/publish-pypi.yml index 0fe91e247..3fc969adf 100644 --- a/.github/workflows/publish-pypi.yml +++ b/.github/workflows/publish-pypi.yml @@ -9,6 +9,9 @@ jobs: build-n-publish-pypi: name: Build and publish Python 🐍 distributions πŸ“¦ to PyPI environment: PyPI + permissions: + # IMPORTANT: this permission is mandatory for trusted publishing + id-token: write runs-on: ubuntu-latest steps: - uses: actions/checkout@v3.6.0 diff --git a/.github/workflows/tag-testpypi.yml b/.github/workflows/tag-testpypi.yml index af1556a9e..e0b952ebf 100644 --- a/.github/workflows/tag-testpypi.yml +++ b/.github/workflows/tag-testpypi.yml @@ -9,6 +9,9 @@ jobs: build-n-publish-testpypi: name: Build and publish Python 🐍 distributions πŸ“¦ to TestPyPI environment: TestPyPI + permissions: + # IMPORTANT: this permission is mandatory for trusted publishing + id-token: write runs-on: ubuntu-latest steps: - uses: actions/checkout@v3.6.0 From b6ca59c9fced4fd4a0689f323bd5ff9f2d4b71dc Mon Sep 17 00:00:00 2001 From: Zeitsperre <10819524+Zeitsperre@users.noreply.github.com> Date: Fri, 15 Sep 2023 18:27:46 -0400 Subject: [PATCH 06/15] use production and staging environments --- .github/workflows/publish-pypi.yml | 2 +- .github/workflows/tag-testpypi.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish-pypi.yml b/.github/workflows/publish-pypi.yml index 3fc969adf..b77b5d489 100644 --- a/.github/workflows/publish-pypi.yml +++ b/.github/workflows/publish-pypi.yml @@ -8,7 +8,7 @@ on: jobs: build-n-publish-pypi: name: Build and publish Python 🐍 distributions πŸ“¦ to PyPI - environment: PyPI + environment: production permissions: # IMPORTANT: this permission is mandatory for trusted publishing id-token: write diff --git a/.github/workflows/tag-testpypi.yml b/.github/workflows/tag-testpypi.yml index e0b952ebf..edbc542fd 100644 --- a/.github/workflows/tag-testpypi.yml +++ b/.github/workflows/tag-testpypi.yml @@ -8,7 +8,7 @@ on: jobs: build-n-publish-testpypi: name: Build and publish Python 🐍 distributions πŸ“¦ to TestPyPI - environment: TestPyPI + environment: staging permissions: # IMPORTANT: this permission is mandatory for trusted publishing id-token: write From 755b13aa441e01fc552c5bcebafa20e87103bac0 Mon Sep 17 00:00:00 2001 From: Zeitsperre <10819524+Zeitsperre@users.noreply.github.com> Date: Fri, 15 Sep 2023 18:32:03 -0400 Subject: [PATCH 07/15] Much more elaborate toots --- .github/TOOT_TEMPLATE.md | 6 ++++ .github/workflows/publish-mastodon.yml | 44 ++++++++++++++++++++------ 2 files changed, 41 insertions(+), 9 deletions(-) create mode 100644 .github/TOOT_TEMPLATE.md diff --git a/.github/TOOT_TEMPLATE.md b/.github/TOOT_TEMPLATE.md new file mode 100644 index 000000000..497c0f953 --- /dev/null +++ b/.github/TOOT_TEMPLATE.md @@ -0,0 +1,6 @@ +New #xclim release: v{{ .current_version }} πŸŽ‰ + +Latest source code available at: https://github.com/Ouranosinc/xclim/releases/tag/v{{ .current_version }} +Check out the docs for more information: https://xclim.readthedocs.io/en/stable/ + +{{ .contributors }} diff --git a/.github/workflows/publish-mastodon.yml b/.github/workflows/publish-mastodon.yml index 87b0a8cb8..755e2b079 100644 --- a/.github/workflows/publish-mastodon.yml +++ b/.github/workflows/publish-mastodon.yml @@ -5,11 +5,16 @@ on: types: - published workflow_dispatch: + inputs: + dry-run: + description: 'Dry run' + default: true + type: boolean jobs: build: runs-on: ubuntu-latest - environment: PyPI + environment: production steps: - name: Checkout @@ -20,20 +25,41 @@ jobs: CURRENT_VERSION="$(grep -E '__version__' xclim/__init__.py | cut -d ' ' -f3)" echo "current_version=${CURRENT_VERSION}" >> $GITHUB_ENV - - name: Prepare Message + - name: Get Release Description + id: get_release_description run: | - MESSAGE="New #xclim release: v${{ env.current_version }} πŸŽ‰ + # Fetch the release information using the GitHub API + RELEASE_INFO=$(curl -sH "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ + "https://api.github.com/repos/${{ github.repository }}/releases/tags/${{ env.current_version }}") + + # Extract the release description from the response + RELEASE_DESCRIPTION=$(echo "$RELEASE_INFO" | jq -r .body) + + # Remove Markdown links and the space preceding them + CLEANED_DESCRIPTION=$(echo "$RELEASE_DESCRIPTION" | sed -E 's/\[([^\]]+)\]\([^)]+\)//g') + + # Extract the first line of the release description + CONTRIBUTORS=$(echo "$CLEANED_DESCRIPTION" | head -n 1) + + echo "$CONTRIBUTORS" >> $GITHUB_ENV + + - name: Prepare Message + id: render_template + uses: chuhlomin/render-template@v1.7 + with: + template: TOOT_TEMPLATE.md + vars: | + current_version: ${{ env.current_version }} + contributors: ${{ env.CONTRIBUTORS }} - Source code available at: https://github.com/Ouranosinc/xclim - Check out the docs for more information: https://xclim.readthedocs.io/en/v${{ env.current_version }}/" - echo "${MESSAGE}" >> $GITHUB_ENV + - name: Message Preview + run: echo "${{ steps.render_template.outputs.result }}" - name: Send toot to Mastodon - id: mastodon + if: ${{ !github.event.inputs.dry-run }} uses: cbrgm/mastodon-github-action@v1.0.3 with: - message: | - ${{ env.MESSAGE }} + message: ${{ steps.render_template.outputs.result }} visibility: "public" env: MASTODON_URL: ${{ secrets.MASTODON_URL }} From de0e7b6cfa180354c2799ebb57cc5fbc5b3407b5 Mon Sep 17 00:00:00 2001 From: Zeitsperre <10819524+Zeitsperre@users.noreply.github.com> Date: Fri, 15 Sep 2023 18:36:58 -0400 Subject: [PATCH 08/15] Version string can be supplied for workflow_dispatch --- .github/workflows/publish-mastodon.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/publish-mastodon.yml b/.github/workflows/publish-mastodon.yml index 755e2b079..e813de765 100644 --- a/.github/workflows/publish-mastodon.yml +++ b/.github/workflows/publish-mastodon.yml @@ -6,6 +6,10 @@ on: - published workflow_dispatch: inputs: + version: + description: 'Version to announce' + required: true + type: string dry-run: description: 'Dry run' default: true @@ -21,11 +25,13 @@ jobs: uses: actions/checkout@v3.6.0 - name: Current Version + if: ${{ !github.event.inputs.version }} run: | CURRENT_VERSION="$(grep -E '__version__' xclim/__init__.py | cut -d ' ' -f3)" echo "current_version=${CURRENT_VERSION}" >> $GITHUB_ENV - name: Get Release Description + if: ${{ !endsWith(env.current_version, '-dev') }} id: get_release_description run: | # Fetch the release information using the GitHub API From e05593fd8060e351ea0e712f2aca8d6c257d0dba Mon Sep 17 00:00:00 2001 From: Zeitsperre <10819524+Zeitsperre@users.noreply.github.com> Date: Fri, 15 Sep 2023 18:38:41 -0400 Subject: [PATCH 09/15] update readthedocs to latest mambaforge image --- .readthedocs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.readthedocs.yml b/.readthedocs.yml index 542bf7202..a9e45d17e 100644 --- a/.readthedocs.yml +++ b/.readthedocs.yml @@ -10,7 +10,7 @@ sphinx: build: os: ubuntu-22.04 tools: - python: "mambaforge-4.10" + python: "mambaforge-22.9" jobs: pre_build: - sphinx-apidoc -o docs/apidoc/ --private --module-first xclim xclim/testing/tests xclim/indicators xclim/indices From 37d43f42d30e1d63012ddf6de9aa5221791a235a Mon Sep 17 00:00:00 2001 From: Zeitsperre <10819524+Zeitsperre@users.noreply.github.com> Date: Mon, 18 Sep 2023 11:27:49 -0400 Subject: [PATCH 10/15] better workflow_dispatch handling --- .github/TOOT_TEMPLATE.md | 4 ++-- .github/workflows/publish-mastodon.yml | 10 +++++++--- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.github/TOOT_TEMPLATE.md b/.github/TOOT_TEMPLATE.md index 497c0f953..856459819 100644 --- a/.github/TOOT_TEMPLATE.md +++ b/.github/TOOT_TEMPLATE.md @@ -1,6 +1,6 @@ -New #xclim release: v{{ .current_version }} πŸŽ‰ +New #xclim release: v{{ .version }} πŸŽ‰ -Latest source code available at: https://github.com/Ouranosinc/xclim/releases/tag/v{{ .current_version }} +Latest source code available at: https://github.com/Ouranosinc/xclim/releases/tag/v{{ .version }} Check out the docs for more information: https://xclim.readthedocs.io/en/stable/ {{ .contributors }} diff --git a/.github/workflows/publish-mastodon.yml b/.github/workflows/publish-mastodon.yml index e813de765..fdf486aa7 100644 --- a/.github/workflows/publish-mastodon.yml +++ b/.github/workflows/publish-mastodon.yml @@ -28,7 +28,11 @@ jobs: if: ${{ !github.event.inputs.version }} run: | CURRENT_VERSION="$(grep -E '__version__' xclim/__init__.py | cut -d ' ' -f3)" - echo "current_version=${CURRENT_VERSION}" >> $GITHUB_ENV + echo "version=${CURRENT_VERSION}" >> $GITHUB_ENV + - name: Set Version from Input + if: ${{ github.event.inputs.version }} + run: | + echo "version=${{ github.event.inputs.version }}" >> $GITHUB_ENV - name: Get Release Description if: ${{ !endsWith(env.current_version, '-dev') }} @@ -36,7 +40,7 @@ jobs: run: | # Fetch the release information using the GitHub API RELEASE_INFO=$(curl -sH "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \ - "https://api.github.com/repos/${{ github.repository }}/releases/tags/${{ env.current_version }}") + "https://api.github.com/repos/${{ github.repository }}/releases/tags/${{ env.version }}") # Extract the release description from the response RELEASE_DESCRIPTION=$(echo "$RELEASE_INFO" | jq -r .body) @@ -55,7 +59,7 @@ jobs: with: template: TOOT_TEMPLATE.md vars: | - current_version: ${{ env.current_version }} + version: ${{ env.version }} contributors: ${{ env.CONTRIBUTORS }} - name: Message Preview From c50f7559a545149e4faa4e04b9793ec0a8114afa Mon Sep 17 00:00:00 2001 From: Zeitsperre <10819524+Zeitsperre@users.noreply.github.com> Date: Mon, 18 Sep 2023 11:32:13 -0400 Subject: [PATCH 11/15] fix env var --- .github/workflows/publish-mastodon.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-mastodon.yml b/.github/workflows/publish-mastodon.yml index fdf486aa7..b8206d305 100644 --- a/.github/workflows/publish-mastodon.yml +++ b/.github/workflows/publish-mastodon.yml @@ -51,7 +51,7 @@ jobs: # Extract the first line of the release description CONTRIBUTORS=$(echo "$CLEANED_DESCRIPTION" | head -n 1) - echo "$CONTRIBUTORS" >> $GITHUB_ENV + echo "CONTRIBUTORS=${CONTRIBUTORS}" >> $GITHUB_ENV - name: Prepare Message id: render_template From d07159e544947b0cad596e6ffe9f1f20495f7091 Mon Sep 17 00:00:00 2001 From: Zeitsperre <10819524+Zeitsperre@users.noreply.github.com> Date: Mon, 18 Sep 2023 11:35:08 -0400 Subject: [PATCH 12/15] fix version tags --- .github/TOOT_TEMPLATE.md | 2 +- .github/workflows/publish-mastodon.yml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/TOOT_TEMPLATE.md b/.github/TOOT_TEMPLATE.md index 856459819..c8b9dba6f 100644 --- a/.github/TOOT_TEMPLATE.md +++ b/.github/TOOT_TEMPLATE.md @@ -1,6 +1,6 @@ New #xclim release: v{{ .version }} πŸŽ‰ -Latest source code available at: https://github.com/Ouranosinc/xclim/releases/tag/v{{ .version }} +Latest source code available at: https://github.com/Ouranosinc/xclim/releases/tag/{{ .version }} Check out the docs for more information: https://xclim.readthedocs.io/en/stable/ {{ .contributors }} diff --git a/.github/workflows/publish-mastodon.yml b/.github/workflows/publish-mastodon.yml index b8206d305..609d8093d 100644 --- a/.github/workflows/publish-mastodon.yml +++ b/.github/workflows/publish-mastodon.yml @@ -6,7 +6,7 @@ on: - published workflow_dispatch: inputs: - version: + version-tag: description: 'Version to announce' required: true type: string @@ -25,12 +25,12 @@ jobs: uses: actions/checkout@v3.6.0 - name: Current Version - if: ${{ !github.event.inputs.version }} + if: ${{ !github.event.inputs.version-tag }} run: | CURRENT_VERSION="$(grep -E '__version__' xclim/__init__.py | cut -d ' ' -f3)" - echo "version=${CURRENT_VERSION}" >> $GITHUB_ENV + echo "version=v${CURRENT_VERSION}" >> $GITHUB_ENV - name: Set Version from Input - if: ${{ github.event.inputs.version }} + if: ${{ github.event.inputs.version-tag }} run: | echo "version=${{ github.event.inputs.version }}" >> $GITHUB_ENV From 4c029ef97043a60a4b1b9ef442eb0e707101cad1 Mon Sep 17 00:00:00 2001 From: Zeitsperre <10819524+Zeitsperre@users.noreply.github.com> Date: Mon, 18 Sep 2023 11:37:49 -0400 Subject: [PATCH 13/15] fix version tags --- .github/workflows/publish-mastodon.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-mastodon.yml b/.github/workflows/publish-mastodon.yml index 609d8093d..1b77fcc60 100644 --- a/.github/workflows/publish-mastodon.yml +++ b/.github/workflows/publish-mastodon.yml @@ -32,7 +32,7 @@ jobs: - name: Set Version from Input if: ${{ github.event.inputs.version-tag }} run: | - echo "version=${{ github.event.inputs.version }}" >> $GITHUB_ENV + echo "version=${{ github.event.inputs.version-tag }}" >> $GITHUB_ENV - name: Get Release Description if: ${{ !endsWith(env.current_version, '-dev') }} From 0d56f3193ec2190aa2579a2515bfd8bca061a3b4 Mon Sep 17 00:00:00 2001 From: Zeitsperre <10819524+Zeitsperre@users.noreply.github.com> Date: Mon, 18 Sep 2023 11:46:00 -0400 Subject: [PATCH 14/15] move template to workflows folder --- .../publish-mastodon.template.md} | 0 .github/workflows/publish-mastodon.yml | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) rename .github/{TOOT_TEMPLATE.md => workflows/publish-mastodon.template.md} (100%) diff --git a/.github/TOOT_TEMPLATE.md b/.github/workflows/publish-mastodon.template.md similarity index 100% rename from .github/TOOT_TEMPLATE.md rename to .github/workflows/publish-mastodon.template.md diff --git a/.github/workflows/publish-mastodon.yml b/.github/workflows/publish-mastodon.yml index 1b77fcc60..706ee5864 100644 --- a/.github/workflows/publish-mastodon.yml +++ b/.github/workflows/publish-mastodon.yml @@ -57,7 +57,7 @@ jobs: id: render_template uses: chuhlomin/render-template@v1.7 with: - template: TOOT_TEMPLATE.md + template: publish-mastodon.template.md vars: | version: ${{ env.version }} contributors: ${{ env.CONTRIBUTORS }} From 68d902f01b4e6b6856eb6dd8f8ffa1c629b2d896 Mon Sep 17 00:00:00 2001 From: Zeitsperre <10819524+Zeitsperre@users.noreply.github.com> Date: Mon, 18 Sep 2023 11:50:45 -0400 Subject: [PATCH 15/15] update CHANGES.rst --- CHANGES.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGES.rst b/CHANGES.rst index 9e85ace58..d4046b7f9 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -29,7 +29,8 @@ Internal changes * Added a `pytest` marker (``pytest.mark.requires_internet``) to allow for skipping of tests that depend on remote network calls to function properly. (:pull:`1473`). * Added handling for `pytest-socket`'s ``SocketBlockedError`` in ``xclim.testing.open_dataset`` when attempting to fetch md5 validation files for cached testing data while explicitly disabling internet sockets. (:issue:`1468`, :pull:`1473`). * Updated the testing data used in the `analogs.ipynb` notebook to use the testing data now found in `Ouranosinc/xclim-testdata`'s main branch. (`xclim-testdata PR/26 `_, :pull:`1473`). -* GitHub deployment workflows now use the "Trusted Publisher" feature to sign and publish the `xclim` wheel and source distributions. +* GitHub deployment workflows now employs use of deployment environments for workflow security and uses the `Trusted Publisher `_ feature to sign and publish the `xclim` wheel and source distributions. (:pull:`1469`). +* Mastodon publishing now uses `chuhlomin/render-template `_ and a standard formatting markdown document to format Mastodon toots. (:pull:`1469`). v0.45.0 (2023-09-05) --------------------