todoman 4.3.0 not on pypi

[dvzrv]

Hi! I'm packaging this project for Arch Linux. For upstream tracking I'm relying on releases on pypi (currently). Unfortunately 4.3.0 has not made its way there. Did something go wrong?

[WhyNotHugo]

Yeah, something is wrong in the CI script: https://builds.sr.ht/~whynothugo/job/1029894#task-package-197

[WhyNotHugo]

I've fixed CI and tagged 4.3.1, which is now on PyPI: https://pypi.org/project/todoman/4.3.1/

Note that git-tags are signed, but this isn't useful to you since you prefer a tarball to a git-tag, right?

Would a gpg-signed tarball be a better choice?

[dvzrv]

I'm fine with a signed tag or a signed tarball. Since PyPI doesn't host sdist tarball signature files anymore, feel free to attach those to a release or something like that (whatever is most convenient for you).

[WhyNotHugo]

Tags are already gpg-signed, all the way back to v1.0.0 in 2015 :)

I'll consider pushing signed tarballs as well though, several distributions expect to fetch tarballs, not git clones.