search

tlocke / scramp

Python implementation of the SCRAM protocol
MIT No Attribution
27 stars 6 forks source link

RFE: is it possible to start making github releases?🤔 #16

Open kloczek opened 4 months ago

kloczek commented 4 months ago

On create github release entry is created email notification to those whom have set in your repo the web UI Watch->Releases. gh release can contain additional comments (li changelog) or additional assets like release tar balls (by default it contains only assets from git tag) however all those part are not obligatory. In simplest variant gh release can be empty because subiekt of the sent email contains git tag name.

I'm asking because my automation process uses those email notifications by trying to make preliminary automated upgrades of building packages, which allows saving some time on maintaining packaging procedures. Probably other people may be interested to be instantly informed about release new version as well.

Documentation and examples of generate gh releases: https://github.com/getmoto/py-partiql-parser/commit/a58a3783 https://docs.github.com/en/repositories/releasing-projects-on-github/managing-releases-in-a-repository https://cli.github.com/manual/gh_release_upload/ https://github.com/jbms/sphinx-immaterial/pull/282 https://github.com/marketplace/actions/github-release https://pgjones.dev/blog/trusted-plublishing-2023/ https://github.com/jbms/sphinx-immaterial/issues/281#issuecomment-1700933026 tox target to publish on pypi and make gh release https://github.com/jaraco/skeleton/blob/928e9a86d61d3a660948bcba7689f90216cc8243/tox.ini#L42-L58

tlocke commented 4 months ago

Hi @kloczek, my initial thought is that there's an RSS feed on PyPI for new releases of Scramp:

https://pypi.org/rss/project/scramp/releases.xml

This has the advantage of working the same way for all Python projects. There are some docs on monitoring for new releases:

https://pypi.org/help/#project-release-notifications

I'll have a read of those docs you've sent too.

kloczek commented 4 months ago

BTW on trying to package scramp I found on major IMO issue. This module uses passlib which seem is no maintained from +3 years (https://foss.heptapod.net/python-libs/passlib/) and that module uses cloud-sptheme which is as well no longer maintained (https://foss.heptapod.net/doc-utils/cloud_sptheme/). Maybe it would be good to switch to another crypto module? 🤔

tlocke commented 4 months ago

Scramp doesn't depend on passlib, it's just used in the examples in the README. However, I'm open to using a more up-to-date library in the examples if you know of one? It seems that passlib is still popular.