https://github.com/casperdcl/deploy-pypi

Securely build and upload Python distributions to PyPI

https://github.com/casperdcl/deploy-pypi

Science Score: 26.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Committers with academic emails
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (12.1%) to scientific vocabulary

Keywords

actions deployment github-actions python upload
Last synced: 5 months ago · JSON representation

Repository

Securely build and upload Python distributions to PyPI

Basic Info
  • Host: GitHub
  • Owner: casperdcl
  • License: other
  • Default Branch: v2
  • Homepage:
  • Size: 60.5 KB
Statistics
  • Stars: 17
  • Watchers: 1
  • Forks: 2
  • Open Issues: 0
  • Releases: 18
Topics
actions deployment github-actions python upload
Created almost 6 years ago · Last pushed 5 months ago
Metadata Files
Readme Funding

README.md

GitHub Action: PyPI Deployment

Test

Securely build and upload Python distributions to PyPI.

Example

yaml steps: - uses: actions/checkout@v4 - uses: actions/setup-python@v5 - uses: casperdcl/deploy-pypi@v2 with: build: --outdir dist . # only upload if a tag is pushed (otherwise just build & check) upload: ${{ github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags') }}

Why

PyPI Deployment:

  • Supports building
    • supports customisable build requirements
    • supports customisable build command
    • supports PEP517 projects lacking a setup.py file
  • Supports PEP740 attestations
  • Supports GPG signing
  • Each stage is optional (build, check, sign and upload)
  • Uses a blazing fast container-free GitHub action
  • Outputs names of files for upload (for convenience in subsequent steps)
  • Has the entirety of the code in a single file, making it very easy to review

The main alternative GitHub Action pypi-publish currently does not offer the benefits above.

Other features (supported by both) include:

  • Supports checking built files
  • Supports skipping existing uploads
  • Supports OIDC PyPI trusted publishing

Security

Inputs

You likely should specify exactly one of the following: setup, build or pip.

yaml inputs: user: description: PyPI username default: __token__ password: description: PyPI password or API token registry_domain: description: PyPI trusted publisher URL default: https://upload.pypi.org requirements: description: Packages to `pip install` before building default: twine wheel build setup: description: '`setup.py` command to run ("true" is a shortcut for "clean sdist -d <dist_dir> bdist_wheel -d <dist_dir>")' default: false build: description: '`python -m build` command to run ("true" is a shortcut for "-o <dist_dir>")' default: false pip: description: '`pip` command to run ("true" is a shortcut for "wheel -w <dist_dir> --no-deps .")' default: false check: description: Whether to run basic checks on the built files default: true upload: description: Whether to upload default: true dist_dir: description: Directory containing distributions default: dist url: description: Destination repository (package index) URL attestations: description: 'Use PEP 740 attestations if `upload`ing to a trusted publisher `registry_domain`' default: true gpg_key: description: GPG key to import for signing skip_existing: description: Continue uploading files if one already exists default: false outputs: whl: description: Basename of *.whl for upload targz: description: Basename of *.tar.gz for upload whl_asc: description: Basename of *.whl.asc for upload (requires <gpg_key>) targz_asc: description: Basename of *.tar.gz.asc for upload (requires <gpg_key>)

Owner

  • Name: Casper da Costa-Luis
  • Login: casperdcl
  • Kind: user
  • Location: London, UK

Open Core Software Consultant & Technical Product Manager; Computational Physicist; member of IEEE, IOP, & @python Software Foundation

GitHub Events

Total
  • Create event: 4
  • Release event: 2
  • Issues event: 3
  • Watch event: 2
  • Delete event: 1
  • Issue comment event: 2
  • Push event: 6
  • Pull request event: 2
Last Year
  • Create event: 4
  • Release event: 2
  • Issues event: 3
  • Watch event: 2
  • Delete event: 1
  • Issue comment event: 2
  • Push event: 6
  • Pull request event: 2

Committers

Last synced: over 1 year ago

All Time
  • Total Commits: 38
  • Total Committers: 2
  • Avg Commits per committer: 19.0
  • Development Distribution Score (DDS): 0.026
Past Year
  • Commits: 4
  • Committers: 1
  • Avg Commits per committer: 4.0
  • Development Distribution Score (DDS): 0.0
Top Committers
Name Email Commits
Casper da Costa-Luis c****l@p****g 37
Rahul Parmar r****n@g****m 1
Committer Domains (Top 20 + Academic)

Issues and Pull Requests

Last synced: 6 months ago

All Time
  • Total issues: 7
  • Total pull requests: 13
  • Average time to close issues: 3 months
  • Average time to close pull requests: about 14 hours
  • Total issue authors: 3
  • Total pull request authors: 2
  • Average comments per issue: 2.57
  • Average comments per pull request: 0.08
  • Merged pull requests: 12
  • Bot issues: 0
  • Bot pull requests: 0
Past Year
  • Issues: 1
  • Pull requests: 2
  • Average time to close issues: about 15 hours
  • Average time to close pull requests: about 15 hours
  • Issue authors: 1
  • Pull request authors: 1
  • Average comments per issue: 0.0
  • Average comments per pull request: 0.0
  • Merged pull requests: 1
  • Bot issues: 0
  • Bot pull requests: 0
Top Authors
Issue Authors
  • casperdcl (5)
  • ygalblum (1)
  • flooie (1)
Pull Request Authors
  • casperdcl (14)
  • RahulParmarRP (1)
Top Labels
Issue Labels
enhancement (3) bug (3) documentation (1)
Pull Request Labels
documentation (5) enhancement (5) bug (3) framework (1)

Packages

  • Total packages: 1
  • Total downloads: unknown
  • Total dependent packages: 0
  • Total dependent repositories: 62
  • Total versions: 18
github actions: casperdcl/deploy-pypi

Securely build and upload Python distributions to PyPI

  • License: other
  • Latest release: v2.5.0
    published 9 months ago
  • Versions: 18
  • Dependent Packages: 0
  • Dependent Repositories: 62
Rankings
Dependent packages count: 0.0%
Dependent repos count: 5.9%
Average: 7.6%
Stargazers count: 8.4%
Forks count: 16.2%
Last synced: 5 months ago

Dependencies

.github/workflows/test.yml actions
  • ./.github/.. * composite
  • actions/checkout v3 composite
  • actions/setup-python v4 composite
action.yml actions