Anthony Monthe
In Python packaged projects where I work, I used to add a make register command for create a new version of my package. This launch a script I wrote which make the following things:
- Get the version number written in package
- Create a git tag
- Push the tag to the upstream
- Create a package
- Upload package to PyPI
It looks like:
#!/bin/bash
version=$(python setup.py --version)
git rev-parse ${version} &> /dev/null
if [[ "$?" -eq 0 ]] ; then
echo "Version '${version}' already exists."
exit 1
fi
git tag -a ${version} -m "Version ${version}"
git push origin ${version}
python setup.py sdist
python setup.py uploadAll is good until last line: python setup.py upload. It uses your user and password to authenticate with HTTP without the S. So if you don't want to publish your credentials under free licence I advise you to install twine.
Twine is a small tool for ease package management and must be use for upload your package in security. After log in, you'll only have to replace python setup.py upload by twine upload.
And all is great with TLS !
Note: Since Python 2.7.9 and 3.2, python setup.py upload is under HTTPS, but users using other will be with HTTP.
Comments