Closed bluenote10 closed 4 months ago
It looks like there was a bug in PyPI for a bit yesterday, until a commit was reverted: https://github.com/pypi/warehouse/issues/15586 . So hopefully if you try it again now, the same thing will work.
Indeed, today it suddenly works again, thanks for finding the issue!
I'm trying to run
flit publish
for a new project for the first time, but PyPI rejects the upload with the error message:I pass the credentials via setting
FLIT_USERNAME
to__token__
andFLIT_PASSWORD
to a newly created API token that has Scope: Entire account (all projects), i.e., which should allow for creating a new projects.I can reproduce this issue both when doing the
flit publish
locally, or when trying to publish from within a GitHub Action.Reading up on that error message in the PyPI docs indicates that the error is actually related to the "trusted publishing" variant, which uses OpenID Connect (OIDC) and short-lived identity tokens. This approach seems to be an alternative to normal API tokens. What confuses me: I am using a regular API token, and nothing related to the OIDC approach. Therefore the error message doesn't really seem to make sense (there should not be a "pending publisher" when using normal API tokens).
Any ideas why the
flit publish
could fail with this error?