missing `.sigstore` files for 3.4.0 release

sigstore / sigstore-python

A Sigstore client written in Python

https://pypi.org/p/sigstore

Other

233 stars 49 forks source link

missing `.sigstore` files for 3.4.0 release #1171

Closed chenrui333 closed 1 month ago

chenrui333 commented 1 month ago

missing .sigstore files for 3.4.0 release

relates to https://github.com/Homebrew/homebrew-core/pull/193655

cc @woodruffw

woodruffw commented 1 month ago

That was intentional -- the .sigstore files were being mostly uploaded as smoketest artifacts, and we're dropping them now that attestations are enabled directly on PyPI itself:

https://github.com/sigstore/sigstore-python/blob/d60ec7b7fb718d67d38161e5813bc6065d0215ce/.github/workflows/release.yml#L130

Were you verifying those manually before?

chenrui333 commented 1 month ago

yeah, it is part of the brew test.

woodruffw commented 1 month ago

Gotcha! I followed up on https://github.com/Homebrew/homebrew-core/pull/193655 with some alternative artifacts/strategies for testing.

Closing for now since this isn't a bug per se.