Collection of utilities for interacting with PyPI
Twine is a utility for interacting with PyPI.
The biggest reason to use twine is that it securely authenticates you to PyPI over HTTPS using a verified connection while python setup.py upload only recently stopped using HTTP in Python 2.7.9+ and Python 3.2+. This means anytime you use python setup.py upload with an older Python version, you expose your username and password to being easily sniffed. Twine uses only verified TLS to upload to PyPI protecting your credentials from theft.
Secondly it allows you to precreate your distribution files. python setup.py upload only allows you to upload something that you’ve created in the same command invocation. This means that you cannot test the exact file you’re going to upload to PyPI to ensure that it works before uploading it.
Finally it allows you to pre-sign your files and pass the .asc files into the command line invocation (twine upload twine-1.0.1.tar.gz twine-1.0.1.tar.gz.asc). This enables you to be assured that you’re typing your gpg passphrase into gpg itself and not anything else since you will be the one directly executing gpg --detach-sign -a <filename>.
$ pip install twine
Create some distributions in the normal way:
$ python setup.py sdist bdist_wheel
Register your project (if necessary):
$ # One needs to be explicit here, globbing dist/* would fail. $ twine register dist/project_name-x.y.z.tar.gz $ twine register dist/mypkg-0.1-py2.py3-none-any.whl
Upload with twine :
$ twine upload dist/*
If you see the following error while uploading to PyPI, it probably means you need to register (see step 2):
$ HTTPError: 403 Client Error: You are not allowed to edit 'xyz' package information
$ twine upload -h usage: twine upload [-h] [-r REPOSITORY] [-s] [--sign-with SIGN_WITH] [-i IDENTITY] [-u USERNAME] [-p PASSWORD] [-c COMMENT] [--config-file CONFIG_FILE] [--skip-existing] dist [dist ...] positional arguments: dist The distribution files to upload to the repository, may additionally contain a .asc file to include an existing signature with the file upload optional arguments: -h, --help show this help message and exit -r REPOSITORY, --repository REPOSITORY The repository to upload the files to (default: pypi) -s, --sign Sign files to upload using gpg --sign-with SIGN_WITH GPG program used to sign uploads (default: gpg) -i IDENTITY, --identity IDENTITY GPG identity used to sign files -u USERNAME, --username USERNAME The username to authenticate to the repository as -p PASSWORD, --password PASSWORD The password to authenticate to the repository with -c COMMENT, --comment COMMENT The comment to include with the distribution file --config-file CONFIG_FILE The .pypirc config file to use --skip-existing Continue uploading files if one already exists
Twine also supports configuration via environment variables. Options passed on
the command line will take precedence over options set via environment
variables. Definition via environment variable is helpful in environments where
it is not convenient to create a
.pypirc file, such as a CI/build server, for
.pypircor provided as a full URL
If you’d like to have a development environment for twine, you should create a virtualenv and then do pip install -e . from within the directory.
Everyone interacting in the twine project’s codebases, issue trackers, chat rooms, and mailing lists is expected to follow the PyPA Code of Conduct.
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
|File Name & Checksum SHA256 Checksum Help||Version||File Type||Upload Date|
|twine-1.9.1-py2.py3-none-any.whl (27.6 kB) Copy SHA256 Checksum SHA256||py2.py3||Wheel||May 27, 2017|
|twine-1.9.1.tar.gz (36.3 kB) Copy SHA256 Checksum SHA256||–||Source||May 27, 2017|