Template for a Python package with a secure project host and package repository configuration.
Project description
Secure Python package template
Template for a Python package with a secure project host and package repository configuration.
Configuring your package repository
- Upload a dummy v0.0 package under the desired package name using your PyPI username and password.
- Create an API token that is scoped to only the package
- Copy the value into your clipboard, it will be used later.
Configuring your project host
Protected branches
Protected tags
- Settings > Tags > New rule
- Use a pattern of
*, even if you have a pattern likevX.Y.Z. - Select "Add rule"
Publish GitHub Environment
- Settings > Environments > New Environment
- Name the environment:
publish - Add required reviewers, should be maintainers
- Select "Save protection rules" button
- Select "Protected Branches" in the deployment branches dropdown
- Select "Add secret" in the environment secrets section
- Add the PyPI API token value under
PYPI_TOKEN
License
CC0-1.0
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Close
Hashes for secure_package_template-0.1.0.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | a8817cab062fe33164a1516a2f95b16513e28efcf01cc40676ec9e0a802063b4 |
|
| MD5 | 53f8172acb67fa0b3ac91fa4ee91485f |
|
| BLAKE2b-256 | 5bca6327263062e951bab3321c44891659d08fdd611a22aa798d767bf1d403a1 |
Close
Hashes for secure_package_template-0.1.0-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | de58d65d34fe9548b14b82976b033b50e55840324053b5501073cb98155fc8af |
|
| MD5 | 839c6d339412243ec301a5f63b7c6800 |
|
| BLAKE2b-256 | 5412fff675ba04d7b5ab06746f17d5fc2b921bc371ee3f8c554c220b21f76cb0 |
