Package and Publish #44
Annotations
1 error and 4 warnings
|
Publish to PyPI
As of 2024, PyPI requires all users to enable Two-Factor Authentication. This consequently requires all users to switch to either Trusted Publishers (preferred) or API tokens for package uploads. Read more: https://blog.pypi.org/posts/2023-05-25-securing-pypi-with-2fa/
|
|
Publish to PyPI
The workflow was run with the 'attestations: true' input, but an explicit password was also set, disabling Trusted Publishing. As a result, the attestations input is ignored.
|
|
Publish to PyPI
Trusted Publishers allows publishing packages to PyPI from automated environments like GitHub Actions without needing to use username/password combinations or API tokens to authenticate with PyPI. Read more: https://docs.pypi.org/trusted-publishers
|
|
Publish to PyPI
A new Trusted Publisher for the currently running publishing workflow can be created by accessing the following link(s) while logged-in as an owner of the package(s):
|
|
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/setup-python@v4, arduino/setup-task@v1. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
Loading