Skip to main content

Collection of utilities for interacting with PyPI

Project description

Twine is a utility for interacting with PyPI.

Currently it only supports uploading distributions.

Why Should I Use This?

The biggest reason to use twine is that python setup.py upload uploads files over plaintext. This means anytime you use it you expose your username and password to a MITM attack. Twine uses only verified TLS to upload to PyPI protecting your credentials from theft.

Secondly it allows you to precreate your distribution files. python setup.py upload only allows you to upload something that you’ve created in the same command invocation. This means that you cannot test the exact file you’re going to upload to PyPI to ensure that it works before uploading it.

Finally it allows you to pre-sign your files and pass the .asc files into the command line invocation (twine upload twine-1.0.1.tar.gz twine-1.0.1.tar.gz.asc). This enables you to be assured that you’re typing your gpg passphrase into gpg itself and not anything else since you will be the one directly executing gpg --detach-sign -a <filename>.

Features

  • Verified HTTPS Connections

  • Uploading doesn’t require executing setup.py

  • Uploading files that have already been created, allowing testing of distributions before release

Installation

$ pip install twine

Usage

  1. Create some distributions in the normal way:

$ python setup.py sdist bdist_wheel
  1. Upload with twine:

$ twine upload dist/*
  1. Done!

Options

$ twine upload -h
usage: twine upload [-h] [-r REPOSITORY] [-s] [-i IDENTITY] [-u USERNAME]
                    [-p PASSWORD] [-c COMMENT]
                    dist [dist ...]

positional arguments:
  dist                  The distribution files to upload to the repository,
                        may additionally contain a .asc file to include an
                        existing signature with the file upload

optional arguments:
  -h, --help            show this help message and exit
  -r REPOSITORY, --repository REPOSITORY
                        The repository to upload the files to
  -s, --sign            Sign files to upload using gpg
  -i IDENTITY, --identity IDENTITY
                        GPG identity used to sign files
  -u USERNAME, --username USERNAME
                        The username to authenticate to the repository as
  -p PASSWORD, --password PASSWORD
                        The password to authenticate to the repository with
  -c COMMENT, --comment COMMENT
                        The comment to include with the distribution file

Resources

Contributing

  1. Fork the repository on GitHub.

  2. Make a branch off of master and commit your changes to it.

  3. Ensure that your name is added to the end of the AUTHORS file using the format Name <email@domain.com> (url), where the (url) portion is optional.

  4. Submit a Pull Request to the master branch on GitHub.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

twine-1.2.0.tar.gz (18.0 kB view details)

Uploaded Source

Built Distribution

twine-1.2.0-py2.py3-none-any.whl (14.9 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file twine-1.2.0.tar.gz.

File metadata

  • Download URL: twine-1.2.0.tar.gz
  • Upload date:
  • Size: 18.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for twine-1.2.0.tar.gz
Algorithm Hash digest
SHA256 eb24bf46a2a70feb79cc24a48629b27294d3b4898373fbf39d68a97ee8784718
MD5 530c08f37eecf8f1e9a3685bc128ddd8
BLAKE2b-256 36252d9682ce9cfc429e01c9e879bf7c2162114bc9de4bc8af674b8696341eeb

See more details on using hashes here.

File details

Details for the file twine-1.2.0-py2.py3-none-any.whl.

File metadata

File hashes

Hashes for twine-1.2.0-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 f267b034e07e6d1527d7c9bcb03dca8826b2047152cbf7278fbd58a4d2ac4fc8
MD5 54103ebe1752a8783979f17a2aa483ff
BLAKE2b-256 b12b4cc858db03c0b1087d7d3d01c4c02790e6080a03fcaed8f9c5c3932f4445

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page