diff options
author | Sybren A. Stüvel <sybren@stuvel.eu> | 2022-07-15 08:41:53 +0200 |
---|---|---|
committer | Sybren A. Stüvel <sybren@stuvel.eu> | 2022-07-15 08:41:53 +0200 |
commit | f6086af9082396f0c9d1326b481fd96fc4bf883d (patch) | |
tree | 0ac8ddf9c341c9c366a7b5dc83ea64247ae8237e | |
parent | 76c0e6901cde36743fd6cbb5251a91bfb3a3352d (diff) | |
download | rsa-git-f6086af9082396f0c9d1326b481fd96fc4bf883d.tar.gz |
Document package publishing with 2FA + API keys
This project has been marked as "critical" on the Python Package Index,
which has some implications on the way new versions should be published.
-rw-r--r-- | README.md | 12 |
1 files changed, 12 insertions, 0 deletions
@@ -37,6 +37,18 @@ poetry install ## Publishing a New Release +Since this project is considered critical on the Python Package Index, +two-factor authentication is required. For uploading packages to PyPi, an API +key is required; username+password will not work. + +First, generate an API token at https://pypi.org/manage/account/token/. Then, +use this token when publishing instead of your username and password. + +As username, use `__token__`. +As password, use the token itself, including the `pypi-` prefix. + +See https://pypi.org/help/#apitoken for help using API tokens to publish. + ``` . ./.venv/bin/activate poetry publish --build |