Cannot upload from Jazzband to PyPI due to outdated dependencies #360
Assignees
Labels
Comments
This was referenced Apr 15, 2024
This was referenced May 26, 2024
ddabble
added a commit
to ddabble/django-simple-history
that referenced
this issue
May 29, 2024
Most of the changes to `pyproject.toml` were made by running `hatch new --init` (see https://hatch.pypa.io/latest/intro/#existing-project). Most of the changes to the other files were based on the changes made in jazzband/django-debug-toolbar#1690. ### `release.yml`: * `hatch version` is run instead of `hatchling version` (as is done in the PR mentioned above), as the latter crashes with the error: ``` hatchling.plugin.exceptions.UnknownPluginError: Unknown version source: vcs ``` Installing `hatch` takes considerably longer than just `hatchling`, but I think it's still acceptable. * Updated the `pypa/gh-action-pypi-publish` action from the sunset `master` branch to `release/v1`; see warning at https://github.com/jazzband/django-simple-history/actions/runs/9246937361. Also replaced the deprecated `repository_url` with `repository-url`; see https://github.com/pypa/gh-action-pypi-publish/blob/v1.8.14/action.yml#L15 ### `.pre-commit-config.yaml`: * Added some pre-commit hooks for formatting and validating `pyproject.toml` ### `MANIFEST.in`: * Removed `MANIFEST.in`, as the default `[tool.hatch.build.targets.sdist]` configuration (in `pyproject.toml`) includes all files not ignored through our `.gitignore`; see https://hatch.pypa.io/latest/plugins/builder/sdist/#default-file-selection ### `pyproject.toml`: * Didn't include the `license` field, as the docs recommend using a `License ::` classifier instead - see https://packaging.python.org/en/latest/guides/writing-pyproject-toml/#license * The classifier "Programming Language :: Python :: 3" was changed to "Programming Language :: Python :: 3 :: Only" by the `pyproject-fmt` pre-commit hook * Set `core-metadata-version = "2.2"` (copied from jazzband/django-debug-toolbar#1916) due to jazzband/help#360 * Didn't include the last 3 packages from the `packages` kwarg in `setup.py` when configuring `[tool.hatch.build.targets.wheel]`, since they don't make any difference in the generated wheel, as having just `simple_history` will include all its subpackages * As part of porting long_description's file concatenation from `setup.py`, `hatch-fancy-pypi-readme` was added to `requires` and configured to concatenate the same files - except with the first title of `README.rst` and the "Unreleased" section of `CHANGES.rst` removed (facilitated by the added "Start of PyPI readme" comments in those two files)
|
This should be resolved in https://github.com/jazzband/website/releases/tag/24.7.0 |
|
Confirmed, thank you! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Short version: Update Metadata package to 2.3+ on https://github.com/jazzband/website to fix PyPI releasing
Describe the bug
I've made a release from GitHub Actions to the Jazzband staging area, but I can't release from there to PyPI because https://github.com/jazzband/website has outdated dependencies.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Package uploaded to PyPI.
Additional context
Metadata 2.3 has been released, so dependencies need updating on the Jazzband website.
GitHub Actions -> PyPI worked because they have the latest tools, like twine==5.0.0 and pkginfo==1.10.0:
However, the Jazzband website has pinned dependencies, like twine==4.0.2 and pkginfo==1.9.6:
That repo does use Dependabot, but there's some unmerged PRs like jazzband/website#1148 which have this banner at the top:
Thank you!
The text was updated successfully, but these errors were encountered: