The Qiskit's PyPI account is enabling 2FA on Oct 19. As a consequence, deploying this repo won longer be able to use password authentication for publishing this package to PyPI after this date. The best mechanism PyPI offers for publishing now is trusted publishers:
which authorizes a GitHub Action workflow to push to PyPI and bypasses the need for any user credentials.
So, this repo needs such a workflow. Take a look to other project as examples:
The Qiskit's PyPI account is enabling 2FA on Oct 19. As a consequence, deploying this repo won longer be able to use password authentication for publishing this package to PyPI after this date. The best mechanism PyPI offers for publishing now is trusted publishers:
https://docs.pypi.org/trusted-publishers/using-a-publisher/
which authorizes a GitHub Action workflow to push to PyPI and bypasses the need for any user credentials. So, this repo needs such a workflow. Take a look to other project as examples:
.github/workflows/wheels.ymlin https://github.com/Qiskit/qiskit/pull/10999/files.github/workflows/deploy-code.ymlin https://github.com/qiskit-community/qiskit-machine-learning/pull/698/filesOnce done, a manual linking process needs to be done in the web UI by @mtreinish .