From 6998764cb7ec628a72c7b6a1aac2c851129e0e57 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 30 Nov 2023 16:33:10 +0000 Subject: [PATCH] Update pypa/gh-action-pypi-publish action to v1.8.11 (#405) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate logo banner](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [pypa/gh-action-pypi-publish](https://togithub.com/pypa/gh-action-pypi-publish) | action | patch | `v1.8.10` -> `v1.8.11` | --- ### Release Notes
pypa/gh-action-pypi-publish (pypa/gh-action-pypi-publish) ### [`v1.8.11`](https://togithub.com/pypa/gh-action-pypi-publish/releases/tag/v1.8.11) [Compare Source](https://togithub.com/pypa/gh-action-pypi-publish/compare/v1.8.10...v1.8.11) #### :nail_care: Cosmetic output improvements [@​woodruffw](https://togithub.com/woodruffw) added a nudge suggesting the users storing passwords in a GitHub Actions repository secrets to switch to using secretless publishing in [https://github.com/pypa/gh-action-pypi-publish/pull/190](https://togithub.com/pypa/gh-action-pypi-publish/pull/190). This also reminds people that PyPI will start mandating two-factor authentication to perform uploads in 2024. #### :memo: What's Documented [@​di](https://togithub.com/di) linked the configuration docs for Trusted Publishing in README via [https://github.com/pypa/gh-action-pypi-publish/pull/179](https://togithub.com/pypa/gh-action-pypi-publish/pull/179). #### :hammer_and_wrench: Internal dependencies - Cryptography was bumped from 41.0.3 to 41.0.6 @&#[https://github.com/pypa/gh-action-pypi-publish/pull/194](https://togithub.com/pypa/gh-action-pypi-publish/pull/194)ll/194 - Pip was bumped from 22.3.1 to 23.3 @&#[https://github.com/pypa/gh-action-pypi-publish/pull/189](https://togithub.com/pypa/gh-action-pypi-publish/pull/189)ll/189 - pre-commit linters got autoupdated @&#[https://github.com/pypa/gh-action-pypi-publish/pull/184](https://togithub.com/pypa/gh-action-pypi-publish/pull/184)ll/184 - Urllib3 was bumped from 2.0.3 to 2.0.7 @&#[https://github.com/pypa/gh-action-pypi-publish/pull/183](https://togithub.com/pypa/gh-action-pypi-publish/pull/183)ll/18[https://github.com/pypa/gh-action-pypi-publish/pull/185](https://togithub.com/pypa/gh-action-pypi-publish/pull/185)ll/185 #### :muscle: New Contributors - [@​di](https://togithub.com/di) made their first contribution in [https://github.com/pypa/gh-action-pypi-publish/pull/179](https://togithub.com/pypa/gh-action-pypi-publish/pull/179) **:mirror: Full Diff**: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.10...v1.8.11
--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/allenporter/flux-local). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/python-publish.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python-publish.yaml b/.github/workflows/python-publish.yaml index 6aeb2b01..34b7f455 100644 --- a/.github/workflows/python-publish.yaml +++ b/.github/workflows/python-publish.yaml @@ -26,7 +26,7 @@ jobs: - name: Build package run: python -m build - name: Publish package - uses: pypa/gh-action-pypi-publish@v1.8.10 + uses: pypa/gh-action-pypi-publish@v1.8.11 with: user: __token__ password: ${{ secrets.PYPI_API_TOKEN }}