Merge pull request #23 from tawanda-kembo/ci/streamline-release-process #23
tawandakembotag-and-release.yml
on: push
tag-and-release
7s
publish-to-pypi
24s
Annotations
1 error and 4 warnings
|
Password-based uploads disabled
As of 2024, PyPI requires all users to enable Two-Factor Authentication. This consequently requires all users to switch to either Trusted Publishers (preferred) or API tokens for package uploads. Read more: https://blog.pypi.org/posts/2023-05-25-securing-pypi-with-2fa/
|
|
tag-and-release
The following actions uses Node.js version which is deprecated and will be forced to run on node20: actions/checkout@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
tag-and-release
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
|
publish-to-pypi
The following actions uses Node.js version which is deprecated and will be forced to run on node20: actions/checkout@v3, actions/setup-python@v4. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Upgrade to Trusted Publishing
Trusted Publishers allows publishing packages to PyPI from automated environments like GitHub Actions without needing to use username/password combinations or API tokens to authenticate with PyPI. Read more: https://docs.pypi.org/trusted-publishers
|