This project follows the semantic versioning and pre-release versioning schemes recommended by the Python Packaging Authority.
- Resolve DeprecationWarnings when extracting
twinemetadata. (#1115) - Fix bug for Repository URLs with auth where the port was lost. When attempting to prevent printing authentication credentials in URLs provided with username and password, we did not properly handle the case where the URL also contains a port (when reconstructing the URL). This is now handled and tested to ensure no regressions. (#fix-repo-urls-with-auth-and-port)
- Add the experimental
--attestationsflag. (#1095)
- Use
email.messageinstead ofcgiascgihas been deprecated (#969)
- Remove support for usernames other than
__token__when uploading to PyPI and TestPyPI (#1040)
- Remove deprecated function to fix
twine checkwith pkginfo 1.9.0. (#941)
- Drop support for Python 3.6. (#869)
- Use Rich to add color to
uploadoutput. (#851) - Use Rich to add color to
checkoutput. (#874) - Use Rich instead of tqdm for upload progress bar. (#877)
- Remove Twine's dependencies from the
User-Agentheader when uploading. (#871) - Improve detection of disabled BLAKE2 hashing due to FIPS mode. (#879)
- Restore warning for missing
long_description. (#887)
- Add
--verboselogging for querying keyring credentials. (#849) - Log all upload responses with
--verbose. (#859) - Show more helpful error message for invalid metadata. (#861)
- Require a recent version of urllib3. (#858)
- Fix broken link to packaging tutorial. (#844)
- Add support for core metadata version 2.2, defined in PEP 643. (#833)
- Add support for Python 3.10. (#827)
- Show more helpful messages for invalid passwords. (#815)
- Allow the
--skip-existingoption to work with GCP Artifact Registry. (#823)
- Add a helpful error message when an upload fails due to missing a trailing slash in the URL. (#812)
- Generalize
--verbosesuggestion when an upload fails. (#817)
- Improve error message for unsupported metadata. (#755)
- Improve error message for a missing config file. (#770)
- Do not include md5_digest or blake2_256_digest if FIPS mode is enabled on the host. This removes those fields from the metadata before sending the metadata to the repository. (#776)
- Fix a regression that was causing some namespace packages with dots in them fail to upload to PyPI. (#745)
- Prefer importlib.metadata for entry point handling. (#728)
- Rely on importlib_metadata 3.6 for nicer entry point processing. (#732)
- Eliminate dependency on setuptools/pkg_resources and replace with packaging and importlib_metadata. (#736)
- Print files to be uploaded using
upload --verbose(#670) - Print configuration file location when using
upload --verbose(#675) - Print source and values of credentials when using
upload --verbose(#685) - Add support for Python 3.9 (#708)
- Turn warnings into errors when using
check --strict(#715)
- Make password optional when using
upload --client-cert(#678) - Support more Nexus versions with
upload --skip-existing(#693) - Support Gitlab Enterprise with
upload --skip-existing(#698) - Show a better error message for malformed files (#714)
- Improve display of HTTP errors during upload (#666)
- Print packages and signatures to be uploaded when using
--verboseoption (#652) - Use red text when printing errors on the command line (#649)
- Require repository URL scheme to be
httporhttps(#602) - Add type annotations, checked with mypy, with PEP 561 support for users of Twine's API (#231)
- Update URL to
.pypircspecification (#655) - Don't raise an exception when Python version can't be parsed from filename (#612)
- Fix inaccurate retry message during
upload(#611) - Clarify error messages for archive format (#601)
- Restore
--non-interactiveas a flag not expecting an argument. (#548)
- Add support for specifying
--non-interactiveas an environment variable. (#547)
- When a client certificate is indicated, all password processing is disabled. (#336)
- Add
--non-interactiveflag to abort upload rather than interactively prompt if credentials are missing. (#489) - Twine now unconditionally requires the keyring library and no longer supports uninstalling
keyringas a means to disable that functionality. Instead, usekeyring --disablekeyring functionality if necessary. (#524) - Add Python 3.8 to classifiers. (#518)
- More robust handling of server response in
--skip-existing(#332)
- Twine now requires Python 3.6 or later. Use pip 9 or pin to "twine<2" to install twine on older Python versions. (#437)
- Require requests 2.20 or later to avoid reported security vulnerabilities in earlier releases. (#491)
- Improved output on
checkcommand: Prints a message when there are no distributions given to check. Improved handling of errors in a distribution's markup, avoiding messages flowing through to the next distribution's errors. (#488)
- Show Warehouse URL after uploading a package (#459)
- Better error handling and gpg2 fallback if gpg not available. (#456)
- Now provide a more meaningful error on redirect during upload. (#310)
- Fail more gracefully when encountering bad metadata (#341)
- Add disable_progress_bar option to disable tqdm. (#427)
- Allow defining an empty username and password in .pypirc. (#426)
- Support keyring.get_credential. (#419)
- Support keyring.get_username_and_password. (#418)
- Add Python 3.7 to classifiers. (#416)
- Restore prompts while retaining support for suppressing prompts. (#452)
- Avoid requests-toolbelt to 0.9.0 to prevent attempting to use openssl when it isn't available. (#447)
- Use io.StringIO instead of StringIO. (#444)
- Only install pyblake2 if needed. (#441)
- Use modern Python language features. (#436)
- Specify python_requires in setup.py (#435)
- Use https URLs everywhere. (#432)
- Fix --skip-existing for Nexus Repos. (#428)
- Remove unnecessary usage of readme_render.markdown. (#421)
- Don't crash if there's no package description. (#412)
- Fix keyring support. (#408)
- Refactor tox env and travis config. (#439)
- Fix regression with upload exit code (#404)
- Add
twine checkcommand to check long description (#395) - Drop support for Python 3.3 (#392)
- Empower
--skip-existingfor Artifactory repositories (#363)
- Avoid MD5 when Python is compiled in FIPS mode (#367)
- Remove PyPI as default
registerpackage index. (#320) - Support Metadata 2.1 (PEP 566), including Markdown for
descriptionfields. (#319)
- Raise exception if attempting upload to deprecated legacy PyPI URLs. (#322)
- Avoid uploading to PyPI when given alternate repository URL, and require
http://orhttps://inrepository_url. (#269)
- Update PyPI URLs. (#318)
- Add new maintainer, release checklists. (#314)
- Add instructions on how to use keyring. (#277)
- Link to changelog from
README(#46) - Reorganize & improve user & developer documentation. (#304)
- Revise docs predicting future of
twine(#303) - Add architecture overview to docs (#296)
- Add doc building instructions (#295)
- Declare support for Python 3.6 (#257)
- Improve progressbar (#256)
- Degrade gracefully when keyring is unavailable (#315)
- Fix changelog formatting (#299)
- Fix syntax highlighting in
README(#298) - Fix Read the Docs, tox, Travis configuration (#297)
- Fix Travis CI and test configuration (#286)
- Print progress to
stdout, notstderr(#268) - Fix
--repository[-url]help text (#265) - Remove obsolete registration guidance (#200)
- Blacklist known bad versions of Requests. (#253)
- Twine sends less information about the user's system in the User-Agent string. (#229)
- Fix
--skip-existingwhen used to upload a package for the first time. (#220) - Fix precedence of
--repository-urlover--repository. (#206)
- Twine will now resolve passwords using the keyring if available. Module can be required with the
keyringextra. - Twine will use
hashlib.blake2bon Python 3.6+ instead of pyblake2
Check if a package exists if the URL is one of:
https://pypi.python.org/pypi/https://upload.pypi.org/https://upload.pypi.io/
This helps people with
https://upload.pypi.iostill in their :file:`.pypirc` file.
Switch from upload.pypi.io to upload.pypi.org. (#201)
Retrieve configuration from the environment as a default. (#144)
- Repository URL will default to
TWINE_REPOSITORY - Username will default to
TWINE_USERNAME - Password will default to
TWINE_PASSWORD
- Repository URL will default to
Allow the Repository URL to be provided on the command-line (
--repository-url) or via an environment variable (TWINE_REPOSITORY_URL). (#166)Generate Blake2b 256 digests for packages if
pyblake2is installed. Users can usepython -m pip install twine[with-blake2]to havepyblake2installed with Twine. (#171)
- Generate SHA256 digest for all packages by default.
- Stop testing on Python 2.6.
- Warn users if they receive a 500 error when uploading to
*pypi.python.org(#199)
- Correct a packaging error.
- Fix uploads to instances of pypiserver using
--skip-existing. We were not properly checking the return status code on the response after attempting an upload. (#195)
- Avoid attempts to upload a package if we can find it on Legacy PyPI.
- Fix issue where we were checking the existence of packages even if the user didn't specify
--skip-existing. (#189) (#191)
- Clint was not specified in the wheel metadata as a dependency. (#187)
- Support
--certand--client-certcommand-line flags and config file options for feature parity with pip. This allows users to verify connections to servers other than PyPI (e.g., local package repositories) with different certificates. (#142) - Add progress bar to uploads. (#152)
- Allow
--skip-existingto work for 409 status codes. (#162) - Implement retries when the CDN in front of PyPI gives us a 5xx error. (#167)
- Switch Twine to upload to pypi.io instead of pypi.python.org. (#177)
- Allow passwords to have
%s in them. (#186)
- Bump requests-toolbelt version to ensure we avoid ConnectionErrors (#155)
- Paths with hyphens in them break the Wheel regular expression. (#145)
- Exception while accessing the
repositorykey (sic) when raising a redirect exception. (#146)
Upload signatures with packages appropriately (#132)
As part of the refactor for the 1.6.0 release, we were using the wrong name to find the signature file.
This also uncovered a bug where if you're using twine in a situation where
*is not expanded by your shell, we might also miss uploading signatures to PyPI. Both were fixed as part of this.
- Fix signing support for uploads (#130)
- Allow the user to specify the location of their :file:`.pypirc` (#97)
- Support registering new packages with
twine register(#8) - Add the
--skip-existingflag totwine uploadto allow users to skip releases that already exist on PyPI. (#115) - Upload wheels first to PyPI (#106)
- Large file support via the
requests-toolbelt(#104)
- Raise an exception on redirects (#92)
- Work around problems with Windows when using
getpass.getpass(#116) - Warnings triggered by pkginfo searching for
PKG-INFOfiles should no longer be user visible. (#114) - Provide more helpful messages if :file:`.pypirc` is out of date. (#111)
- Support commands not named "gpg" for signing (#29)
- Display information about the version of setuptools installed (#85)
- Support deprecated pypirc file format (#61)
- Add lower-limit to requests dependency
- Switch to a git style dispatching for the commands to enable simpler commands and programmatic invocation. (#6)
- Parse :file:`~/.pypirc` ourselves and use
subprocessinstead of thedistutils.spawnmodule. (#13)
- Expand globs and check for existence of dists to upload (#65)
- Fix issue uploading packages with
_s in the name (#47) - List registered commands in help text (#34)
- Use
pkg_resourcesto load registered commands (#32) - Prevent ResourceWarning from being shown (#28)
- Add support for uploading Windows installers (#26)
- Additional functionality.
- Basic functionality.