#pep740 β Public Fediverse posts
Live and recent posts from across the Fediverse tagged #pep740, aggregated by home.social.
-
Trusted Publishing gives provenance of which repo the files were uploaded from, the workflow file, and commit. For example:
https://pypi.org/project/urllib3/2.3.0/#urllib3-2.3.0-py3-none-any.whl
Downstream verification for installers such as pip is the next step:
https://blog.trailofbits.com/2024/11/14/attestations-a-new-generation-of-signatures-on-pypi/
-
Just released: blurb 1.3.0 π
blurb is the CLI we use for managing CPython's news/changelog entries.
ποΈ Add support for Python 3.13
ποΈ Drop support for Python 3.8
ποΈ Generate digital attestations for PyPI (PEP 740)
ποΈ Allow running blurb test from blurb-* directories by
ποΈ Add version subcommand
ποΈ Generate __version__ at build to avoid slow importlib.metadata
https://pypi.org/project/blurb/1.3.0/
#Python #CPython #blurb #release #CLI #changelog #news #PEP740 #Python313 #Python38
-
Just released: pepotron 1.3.0 π
π© Generate digital attestations for PyPI (PEP 740)
π© Drop support for Python 3.8
π© Generate __version__ at build to avoid slow importlib.metadata
π© Test on CI with uv
https://pypi.org/project/pepotron/1.3.0/
Pepotron is a CLI for opening PEPs in your browser. For example, try:
$ pep 8
$ pep 3.14
$ pep dead batteries
$ pep calendar
-
Just released: pypistats 1.7.0 π
π Generate digital attestations for PyPI (PEP 740)
π Drop support for EOL Python 3.8
π Generate __version__ at build to avoid slow importlib.metadata