Specify always to GnuPG sign uploads of a distribution to PyPI

The Distutils upload command, which uploads a distribution to PyPI, can be told to sign the distribution first and then upload that signature:

You can use the --sign option to tell upload to sign each uploaded file using GPG (GNU Privacy Guard) […] You can also specify which key to use for signing using the --identity=name option.

How do I specify that, for a particular distribution, every upload should be signed with a specific key?

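Distutils commands can be configured with a setup.cfg file, by putting option values in a section named for the command.

So, to specify the sign and identity options for the upload command, write in the distribution's setup.cfg file: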

[upload]

# Sign distributions, and upload the signature?
sign = true

# Which GnuPG identity to use for signing?
identity = christina@example.org
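
A pre-release check for the setup.cfg settings in the answer above, as an added example that is not part of the original answer: it reads the [upload] section the way distutils does (dashes in option names become underscores, booleans follow strtobool) and reports when signing is off or no identity is pinned. The function name check_upload_signing and the WEAK_CFG sample are assumptions made for illustration.

```python
import configparser

# Strings that distutils' strtobool() accepts (compared case-insensitively).
_TRUE = {"y", "yes", "t", "true", "on", "1"}
_FALSE = {"n", "no", "f", "false", "off", "0"}

# The configuration from the answer, and a constructed weak variant.
PAGE_CFG = "[upload]\n# sign and pin the key\nsign = true\nidentity = christina@example.org\n"
WEAK_CFG = "[upload]\nsign = 0\n"


def check_upload_signing(cfg_text, expected_identity=None):
    """Return a list of problems with the [upload] signing settings (empty = OK)."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(cfg_text)
    if not parser.has_section("upload"):
        return ["no [upload] section: uploads are unsigned unless --sign is passed"]
    # distutils maps dashes in option names to underscores; do the same here.
    opts = {k.replace("-", "_"): v.strip() for k, v in parser.items("upload")}
    problems = []
    sign = opts.get("sign")
    if sign is None:
        problems.append("sign is not set")
    elif sign.lower() in _FALSE:
        problems.append("sign is disabled")
    elif sign.lower() not in _TRUE:
        problems.append(f"sign has a non-boolean value: {sign!r}")
    identity = opts.get("identity")
    if not identity:
        # Without --identity, upload calls gpg without --local-user.
        problems.append("identity is not set: GnuPG will use its default key")
    elif expected_identity and identity != expected_identity:
        problems.append(f"identity is {identity!r}, expected {expected_identity!r}")
    return problems


if __name__ == "__main__":
    for name, text in (("page config", PAGE_CFG), ("weak config", WEAK_CFG)):
        print(name, "->", check_upload_signing(text, "christina@example.org") or "OK")
```

Run it in CI against the repository's real setup.cfg so that a change which drops or weakens the signing settings fails the build before a release is uploaded.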