Put together a big upgrade to my python-lib cookiecutter template today: it now uses pyproject.toml rather than setup.py, and it configures a publish.yml workflow that publishes packages to PyPI without needing a password or authentication token using PyPI Trusted Publishers.
The more experience I get with the new PyPI "trusted publishers" mechanism the more I love it - it's SUCH a low friction way to publish a package from GitHub to PyPI, and configuring it for a new project really is just a case of filling in a few form fields and dropping in a couple of lines of YAML https://til.simonwillison.net/pypi/pypi-releases-from-github
@simon @glyph Quick suggestion: instead of "pip install", use "python -Im pip install" and "python -Im build" (etc.).
The "-I" (that's LATIN CAPITAL LETTER I, as in "Isolated", which is the mode it turns on) flag helps mitigate quite a few malicious things people might try in pull requests, and so is something I always recommend for anything that'll run in CI.
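What the "-I" flag from the reply above changes, as an added example that is not part of the thread: it starts the same interpreter with and without isolated mode and reports whether the working directory and PYTHONPATH end up on the import path. The two temporary directories are constructed stand-ins for a checked-out repository and an environment-supplied PYTHONPATH; the helper names `probe`, `summarize` and `compare` are hypothetical.

```python
import json
import os
import subprocess
import sys
import tempfile

# Child snippet: report the isolation flag and the import search path.
PROBE = ("import json, sys; "
         "print(json.dumps({'isolated': sys.flags.isolated, 'path': sys.path}))")


def probe(isolated, workdir, extra_dir):
    """Run a child interpreter in workdir with PYTHONPATH=extra_dir and
    return what it reports about sys.flags.isolated and sys.path."""
    cmd = [sys.executable]
    if isolated:
        cmd.append("-I")  # isolated mode: implies -E (ignore PYTHON* vars) and -s
    cmd += ["-c", PROBE]
    env = dict(os.environ, PYTHONPATH=extra_dir)
    env.pop("PYTHONSAFEPATH", None)  # keep the default-mode baseline unmodified
    out = subprocess.run(cmd, cwd=workdir, env=env, check=True,
                         capture_output=True, text=True).stdout
    return json.loads(out)


def summarize(report, workdir, extra_dir):
    """Reduce a probe report to the three facts that matter for a CI job."""
    real = {os.path.realpath(p) if p else "" for p in report["path"]}
    return {
        "isolated": bool(report["isolated"]),
        # With -c, a non-isolated interpreter puts '' (the cwd) first on sys.path.
        "cwd_on_path": "" in report["path"] or os.path.realpath(workdir) in real,
        "pythonpath_honoured": os.path.realpath(extra_dir) in real,
    }


def compare():
    """Probe default and isolated mode against constructed temp directories."""
    with tempfile.TemporaryDirectory() as workdir, \
            tempfile.TemporaryDirectory() as extra:
        return {mode: summarize(probe(mode == "isolated", workdir, extra),
                                workdir, extra)
                for mode in ("default", "isolated")}


if __name__ == "__main__":
    for mode, facts in compare().items():
        print(mode, facts)
```

In a CI job the same check can be run once as a guard step before any "python -Im pip install" or "python -Im build" command, to confirm the runner's interpreter honours the flag.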