I’m pleased to announce that the twine team has just released twine 6.2.0.
Changelog here:
Highlights
- twine now automatically refreshes the short-lived Trusted Publishing token when an upload session takes longer than the default token validity period. This should help improve publishing reliability for users with large, multi-file releases that would otherwise exceed the validity window for a Trusted Publishing token.
--skip-existingis no longer supported on non-PyPI upload targets, due to a long history of poor compatibility and difficult to debug breakage on third-party indices.- twine no longer submits an
md5_digestfield when uploading, as that field has been deprecated for years on PyPI (in favor ofsha256_digestand other secure hashes). - Versions of
packaging24.0 and earlier are supported once again with newer versions of the standard metadata.
Thanks
I’d like to thank Daniele Nicolodi, Pedro Nacht and Mark Byrne as external contributors who contributed patches to this release!