Github project URL is not marked as "verified" despite self-link #16836
Comments
MartinThoma
added
bug 🐛
requires triaging
|
Hm ... can it be the missing trailing slash in the "Source" URL? According to #16485 trailing slashes can be present or not. That was not added to the docs. Maybe it makes sense to add to the docs if trailing slashes are handled or not. |
Yep -- the docs specifically say that you need to use a Trusted Publisher to link a GitHub (or GitLab, etc.) repo to a PyPI project. Just adding a badge to the repo isn't sufficient, since anybody can add a badge claiming to be a particular project. Once you register a Trusted Publisher and publish using it instead of a manually-configured API token, your subsequent releases will have those GitHub URLs marked as verified. |
woodruffw
added
awaiting-response
|
(For reference, you're currently using a manually configured API token here: https://github.com/py-pdf/pypdf/blob/fcb103a7d995406c993b7ba6b3325c94dab7ad0b/.github/workflows/publish-to-pypi.yaml#L27-L32) |
Describe the bug
According to https://docs.pypi.org/project_metadata/ it should be possible to link to https://pypi.org/project/pypdf/ from https://github.com/py-pdf/pypdf
You can see the link from Github to the PyPI project page over the "python version" tag at the very top of the github page:
we did exactly that, but still the URL is not marked as "verified":
It was like this when the package was uploaded
Expected behavior
The source URL https://github.com/py-pdf/pypdf should be marked as verified on https://pypi.org/project/pypdf/
To Reproduce
https://pypi.org/project/pypdf/
The text was updated successfully, but these errors were encountered: