Creation & manipulation of PyPI tokens

Joachim Jablon

Last update: Nov 1, 2022

Related tags

Overview

PyPIToken: Manipulate PyPI API tokens

PyPIToken is an open-source Python 3.6+ library for generating and manipulating PyPI tokens.

PyPI tokens are very powerful, as that they are based on Macaroons. They allow the bearer to add additional restrictions to an existing token. For example, given a PyPI token that can upload releases for any project of its owner, you can generate a token that will only allow some projects, or even a single one.

Here's an example:

$ pip install pypitoken

import pypitoken

token = pypitoken.Token.load("pypi-foobartoken")

print(token.restrictions)
# [NoopRestriction()]

token.restrict(projects=["requests"])

print(token.restrictions)
# [NoopRestriction(), ProjectsRestriction(projects=["requests"])]

token.dump()
# pypi-newfoobartoken

This token we've created above will be restricted to uploading releases of requests. Of course, your PyPI user will still need to have upload permissions on requests for this to happen.

The aim of this library is to provide a simple toolbelt for manipulating PyPI tokens. Ideally, someday, PyPI (Warehouse) itself may generate their tokens using this library too. This should make it easier to iterate on new kinds of restrictions for PyPI tokens, such as those discussed in the original implementation issue.

A discussion for integrating this library to the Warehouse environment is ongoing:

In the Python Packaging discussions for putting the project under the PyPA umbrella
In the Warehouse tracker for replacing the current macaroon implementation with this lib

Where to go from here

The complete docs is probably the best place to learn about the project.

If you encounter a bug, or want to get in touch, you're always welcome to open a ticket.

Comments

Add DateRestrictions
Closes #92

Hey @fschulze :) Do you think you could do a round of code review ? Also, I haven't taken the time to try the new macaroons against (Test)PyPI, so if you want to give it a try, feel free :) (you can generate an unscoped token on TestPyPI, then use this PR to create 2 tokens with time restrictions: one that includes now and one that excludes now. PyPI should let you upload with the first one and not with the 2nd one)

Checklist:

[x] Tests

[ ] (not applicable?)

[x] Documentation

[ ] (not applicable?)
opened by ewjoachim 5
Bump dunamai from 1.5.5 to 1.7.0
Bumps dunamai from 1.5.5 to 1.7.0.

Release notes

Sourced from dunamai's releases.

v1.7.0 (2021-10-31)

Broadened the default version tag pattern to allow more separator styles recognized in PEP 440 pre-normalized forms (-, ., and _).

Enhanced serialize_pep440() to normalize the alternative prerelease names (alpha -> a, beta -> b, c/pre/preview -> rc) and capitalizations (RC -> rc, etc).

Added a py.typed file for PEP-561. (Contributed by wwuck)

Replaced pkg_resources dependency with packaging and importlib_metadata. (Contributed by flying-sheep)

Added some missing public items to __all__.

v1.6.0 (2021-08-09)

Fixed an oversight where the default version tag pattern would only find tags with exactly three parts in the base (e.g., v1.0.0 and v1.2.3). This is now relaxed so that v1, v1.2.3.4, and so on are also recognized.

If you prefer the old default, you can pass a custom --pattern on the command line or a custom pattern to the Version.from_* methods. Specifically, the previous default used ^v(?P<base>\d+\.\d+\.\d+) instead of the new ^v(?P<base>\d+(\.\d+)*), but the rest of the pattern is the same in both defaults.

Added support for execution via python -m dunamai. (Contributed by jstriebel)

Changelog

Sourced from dunamai's changelog.

v1.7.0 (2021-10-31)

Broadened the default version tag pattern to allow more separator styles recognized in PEP 440 pre-normalized forms (-, ., and _).

Enhanced serialize_pep440() to normalize the alternative prerelease names (alpha -> a, beta -> b, c/pre/preview -> rc) and capitalizations (RC -> rc, etc).

Added a py.typed file for PEP-561. (Contributed by wwuck)

Replaced pkg_resources dependency with packaging and importlib_metadata. (Contributed by flying-sheep)

Added some missing public items to __all__.

v1.6.0 (2021-08-09)

Fixed an oversight where the default version tag pattern would only find tags with exactly three parts in the base (e.g., v1.0.0 and v1.2.3). This is now relaxed so that v1, v1.2.3.4, and so on are also recognized.

Added support for execution via python -m dunamai. (Contributed by jstriebel)

Commits

3e2173e Release v1.7.0

0f8c364 Allow more separator styles in tags and normalize certain alternative stage n...

6e4e290 Add workaround for Git 2.21.0 tests

be765c6 Fix pre-commit hook issue and newer Git compatibility in tests

1c16f9b Merge pull request #29 from flying-sheep/no-pkg-resources

7e0c312 Merge pull request #25 from wwuck/feature/pep561

71dbec5 Apparently old pytest doesn’t support tool.pytest.ini_options

9a8729d Switch to packaging and importlib_metadata

19760aa Add py.typed file for PEP-561

18dfa02 Release v1.6.0

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 4
Bump pytest-cov from 2.11.1 to 3.0.0
Bumps pytest-cov from 2.11.1 to 3.0.0.

Changelog

Sourced from pytest-cov's changelog.

3.0.0 (2021-10-04)

Note that this release drops support for Python 2.7 and Python 3.5.

Added support for Python 3.10 and updated various test dependencies. Contributed by Hugo van Kemenade in [#500](https://github.com/pytest-dev/pytest-cov/issues/500) <https://github.com/pytest-dev/pytest-cov/pull/500>_.

Switched from Travis CI to GitHub Actions. Contributed by Hugo van Kemenade in [#494](https://github.com/pytest-dev/pytest-cov/issues/494) <https://github.com/pytest-dev/pytest-cov/pull/494>_ and [#495](https://github.com/pytest-dev/pytest-cov/issues/495) <https://github.com/pytest-dev/pytest-cov/pull/495>_.

Add a --cov-reset CLI option. Contributed by Danilo Šegan in [#459](https://github.com/pytest-dev/pytest-cov/issues/459) <https://github.com/pytest-dev/pytest-cov/pull/459>_.

Improved validation of --cov-fail-under CLI option. Contributed by ... Ronny Pfannschmidt's desire for skark in [#480](https://github.com/pytest-dev/pytest-cov/issues/480) <https://github.com/pytest-dev/pytest-cov/pull/480>_.

Dropped Python 2.7 support. Contributed by Thomas Grainger in [#488](https://github.com/pytest-dev/pytest-cov/issues/488) <https://github.com/pytest-dev/pytest-cov/pull/488>_.

Updated trove classifiers. Contributed by Michał Bielawski in [#481](https://github.com/pytest-dev/pytest-cov/issues/481) <https://github.com/pytest-dev/pytest-cov/pull/481>_.

2.13.0 (2021-06-01)

Changed the toml requirement to be always be directly required (instead of being required through a coverage extra). This fixes issues with pip-compile (pip-tools#1300 <https://github.com/jazzband/pip-tools/issues/1300>). Contributed by Sorin Sbarnea in [#472](https://github.com/pytest-dev/pytest-cov/issues/472) <https://github.com/pytest-dev/pytest-cov/pull/472>.

Documented show_contexts. Contributed by Brian Rutledge in [#473](https://github.com/pytest-dev/pytest-cov/issues/473) <https://github.com/pytest-dev/pytest-cov/pull/473>_.

2.12.1 (2021-06-01)

Changed the toml requirement to be always be directly required (instead of being required through a coverage extra). This fixes issues with pip-compile (pip-tools#1300 <https://github.com/jazzband/pip-tools/issues/1300>). Contributed by Sorin Sbarnea in [#472](https://github.com/pytest-dev/pytest-cov/issues/472) <https://github.com/pytest-dev/pytest-cov/pull/472>.

Documented show_contexts. Contributed by Brian Rutledge in [#473](https://github.com/pytest-dev/pytest-cov/issues/473) <https://github.com/pytest-dev/pytest-cov/pull/473>_.

2.12.0 (2021-05-14)

Added coverage's toml extra to install requirements in setup.py. Contributed by Christian Riedel in [#410](https://github.com/pytest-dev/pytest-cov/issues/410) <https://github.com/pytest-dev/pytest-cov/pull/410>_.

Fixed pytest_cov.__version__ to have the right value (string with version instead of a string including __version__ =).

... (truncated)

Commits

560b955 Bump version: 2.12.1 → 3.0.0

e988a6c Update changelog.

f015932 Merge pull request #500 from hugovk/add-3.10

60a3cc1 No need to build universal wheels for Python 3-only

0bc997a Add support for Python 3.10

679935b Merge pull request #494 from hugovk/test-on-github-actions

96f9aad Add 'all good' job to be added as a required build

6395ece Test conditional collection on PyPy and CPython

f4a88d6 Test both PyPy3.6 and PyPy3.7

a948e89 Test both PyPy3.6 and PyPy3.7

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 3

Handle new Caveat format

We introduced a new caveat format in https://github.com/pypi/warehouse/pull/11903, which currently pypitoken can't handle:

>>> token.restrictions
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/home/di/git/ewjoachim/pypitoken/pypitoken/token.py", line 671, in restrictions
    return [
  File "/home/di/git/ewjoachim/pypitoken/pypitoken/token.py", line 672, in <listcomp>
    Restriction.load_json(caveat=caveat.caveat_id)
  File "/home/di/git/ewjoachim/pypitoken/pypitoken/token.py", line 137, in load_json
    return cls.load(caveat=caveat_obj)
  File "/home/di/git/ewjoachim/pypitoken/pypitoken/token.py", line 118, in load
    raise exceptions.LoaderError(
pypitoken.exceptions.LoaderError: Could not find matching Restriction for [4, '89e9fdb4-1a5f-49d4-8bc5-d5840a14a311']

opened by di 2

Bump dunamai from 1.11.0 to 1.11.1
Bumps dunamai from 1.11.0 to 1.11.1.

Release notes

Sourced from dunamai's releases.

v1.11.1 (2022-04-05)

Fixed the --bump CLI option and the bump argument of Version.serialize bumping even on a commit with a version tag. Now, no bumping occurs on such a commit.

Changelog

Sourced from dunamai's changelog.

v1.11.1 (2022-04-05)

Fixed the --bump CLI option and the bump argument of Version.serialize bumping even on a commit with a version tag. Now, no bumping occurs on such a commit.

Commits

b6165f5 Release v1.11.1

f3c3bc6 Fix Black pre-commit hook

4a6ac3e #45: Fix integration test

7843df6 #45: Skip bumping when distance is 0

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 2
Bump sphinx from 3.5.4 to 4.4.0
Bumps sphinx from 3.5.4 to 4.4.0.

Release notes

Sourced from sphinx's releases.

v4.4.0

Changelog: https://www.sphinx-doc.org/en/master/changes.html

v4.3.1

No release notes provided.

Changelog

Sourced from sphinx's changelog.

Release 4.4.0 (released Jan 17, 2022)

Dependencies

#10007: Use importlib_metadata for python-3.9 or older

#10007: Drop setuptools

Features added

#9075: autodoc: Add a config variable :confval:autodoc_typehints_format to suppress the leading module names of typehints of function signatures (ex. io.StringIO -> StringIO)

#9831: Autosummary now documents only the members specified in a module's __all__ attribute if :confval:autosummary_ignore_module_all is set to False. The default behaviour is unchanged. Autogen also now supports this behavior with the --respect-module-all switch.

#9555: autosummary: Improve error messages on failure to load target object

#9800: extlinks: Emit warning if a hardcoded link is replaceable by an extlink, suggesting a replacement.

#9961: html: Support nested HTML elements in other HTML builders

#10013: html: Allow to change the loading method of JS via loading_method parameter for :meth:Sphinx.add_js_file()

#9551: html search: "Hide Search Matches" link removes "highlight" parameter from URL

#9815: html theme: Wrap sidebar components in div to allow customizing their layout via CSS

#9827: i18n: Sort items in glossary by translated terms

#9899: py domain: Allows to specify cross-reference specifier (. and ~) as :type: option

#9894: linkcheck: add option linkcheck_exclude_documents to disable link checking in matched documents.

#9793: sphinx-build: Allow to use the parallel build feature in macOS on macOS and Python3.8+

#10055: sphinx-build: Create directories when -w option given

#9993: std domain: Allow to refer an inline target (ex. ``_target name```) via :rst:role:ref` role

#9981: std domain: Strip value part of the option directive from general index

#9391: texinfo: improve variable in samp role

#9578: texinfo: Add :confval:texinfo_cross_references to disable cross references for readability with standalone readers

#9822 (and #9062), add new Intersphinx role :rst:role:external for explict lookup in the external projects, without resolving to the local project.

Bugs fixed

#9866: autodoc: doccomment for the imported class was ignored

... (truncated)

Commits

88f9647 Bump to 4.4.0 final

fc428ad Merge pull request #9822 from jakobandersen/intersphinx_role

5d595ec intersphinx role, simplify role_name check

6ee0ecb intersphinx role, simplify role name matching

3bf8bcd intersphinx role, update docs

c11b109 intersphinx role: :external+inv:: instead of :external:inv+:

9589a2b intersphinx role, remove redundant method

941db55 intersphinx role, fix flake8 warnings

9a3f2b8 intersphinx role, CHANGES

540d760 intersphinx role, documentation

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 2
Bump jsonschema from 4.17.0 to 4.17.1
Bumps jsonschema from 4.17.0 to 4.17.1.

Release notes

Sourced from jsonschema's releases.

v4.17.1

Full Changelog: https://github.com/python-jsonschema/jsonschema/compare/v4.17.0...v4.17.1

Changelog

Sourced from jsonschema's changelog.

v4.17.1

The error message when using unevaluatedProperties with a non-trivial schema value (i.e. something other than false) has been improved (#996).

Commits

46fdb98 v4.17.1 -> CHANGELOG

000dd3d Remove making believe we are ReadTheDocs in CI builds.

5563044 Skip the rest of the docs builds on Windows in CI.

198d1af Run more things with 3.11 in CI.

da35584 Suppress epub warnings for duplicated ToC entries.

be86aad Temporarily evade wpilibsuite/sphinxext-opengraph#87

9069484 Update docs requirements.

4f8f346 Un-bundle single-vocabulary meta-schemas.

7830605 Emit a better error message for unevaluatedProperties with a subschema.

75903d8 Merge commit '62e69b2c3be9e30c50bea2e595eb2afcd13666ec'

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 1
Bump actions/cache from 2 to 3.0.1
Bumps actions/cache from 2 to 3.0.1.

Release notes

Sourced from actions/cache's releases.

v3.0.1

Added support for caching from GHES 3.5.

Fixed download issue for files > 2GB during restore.

v3.0.0

This change adds a minimum runner version(node12 -> node16), which can break users using an out-of-date/fork of the runner. This would be most commonly affecting users on GHES 3.3 or before, as those runners do not support node16 actions and they can use actions from github.com via github connect or manually copying the repo to their GHES instance.

Few dependencies and cache action usage examples have also been updated.

v2.1.7

Support 10GB cache upload using the latest version 1.0.8 of @actions/cache

v2.1.6

Catch unhandled "bad file descriptor" errors that sometimes occurs when the cache server returns non-successful response (actions/cache#596)

v2.1.5

Fix permissions error seen when extracting caches with GNU tar that were previously created using BSD tar (actions/cache#527)

v2.1.4

Make caching more verbose #650

Use GNU tar on macOS if available #701

v2.1.3

Upgrades @actions/core to v1.2.6 for CVE-2020-15228. This action was not using the affected methods.

Fix error handling in uploadChunk where 400-level errors were not being detected and handled correctly

v2.1.2

Adds input to limit the chunk upload size, useful for self-hosted runners with slower upload speeds

No-op when executing on GHES

v2.1.1

Update @actions/cache package to v1.0.2 which allows cache action to use posix format when taring files.

v2.1.0

Replaces the http-client with the Azure Storage SDK for NodeJS when downloading cache content from Azure. This should help improve download performance and reliability as the SDK downloads files in 4 MB chunks, which can be parallelized and retried independently

Display download progress and speed

Changelog

Sourced from actions/cache's changelog.

3.0.1

Added support for caching from GHES 3.5.

Fixed download issue for files > 2GB during restore.

Commits

136d96b Enabling actions/cache for GHES based on presence of AC service (#774)

7d4f40b Bumping up the version to fix download issue for files > 2 GB. (#775)

2d8d0d1 Updated what's new. (#771)

7799d86 Updated the usage and docs to the major version release. (#770)

4b0cf6c Merge pull request #769 from actions/users/ashwinsangem/bump_major_version

60c606a Update licensed files

b6e9a91 Revert "Updated to the latest version."

c842503 Updated to the latest version.

2b7da2a Bumped up to a major version.

deae296 Merge pull request #651 from magnetikonline/fix-golang-windows-example

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies github_actions
opened by dependabot[bot] 1
Bump actions/cache from 2 to 3
Bumps actions/cache from 2 to 3.

Release notes

Sourced from actions/cache's releases.

v3.0.0

This change adds a minimum runner version(node12 -> node16), which can break users using an out-of-date/fork of the runner. This would be most commonly affecting users on GHES 3.3 or before, as those runners do not support node16 actions and they can use actions from github.com via github connect or manually copying the repo to their GHES instance.

Few dependencies and cache action usage examples have also been updated.

v2.1.7

Support 10GB cache upload using the latest version 1.0.8 of @actions/cache

v2.1.6

Catch unhandled "bad file descriptor" errors that sometimes occurs when the cache server returns non-successful response (actions/cache#596)

v2.1.5

Fix permissions error seen when extracting caches with GNU tar that were previously created using BSD tar (actions/cache#527)

v2.1.4

Make caching more verbose #650

Use GNU tar on macOS if available #701

v2.1.3

Upgrades @actions/core to v1.2.6 for CVE-2020-15228. This action was not using the affected methods.

Fix error handling in uploadChunk where 400-level errors were not being detected and handled correctly

v2.1.2

Adds input to limit the chunk upload size, useful for self-hosted runners with slower upload speeds

No-op when executing on GHES

v2.1.1

Update @actions/cache package to v1.0.2 which allows cache action to use posix format when taring files.

v2.1.0

Replaces the http-client with the Azure Storage SDK for NodeJS when downloading cache content from Azure. This should help improve download performance and reliability as the SDK downloads files in 4 MB chunks, which can be parallelized and retried independently

Display download progress and speed

Commits

4b0cf6c Merge pull request #769 from actions/users/ashwinsangem/bump_major_version

60c606a Update licensed files

b6e9a91 Revert "Updated to the latest version."

c842503 Updated to the latest version.

2b7da2a Bumped up to a major version.

deae296 Merge pull request #651 from magnetikonline/fix-golang-windows-example

c7c46bc Merge pull request #707 from duxtland/main

6535c5f Regenerated examples.md TOC

3fdafa4 Update GitHub Actions status badge markdown in README.md

341e6d7 Merge branch 'actions:main' into fix-golang-windows-example

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies github_actions
opened by dependabot[bot] 1
Bump sphinx-material from 0.0.32 to 0.0.35
Bumps sphinx-material from 0.0.32 to 0.0.35.

Release notes

Sourced from sphinx-material's releases.

Release 0.0.35

Add option to not strip tables

Release 0.0.34

Fix for space in citation labels.

Release 0.0.33

This release contains a number of minor fixes.

Commits

6e0ef82 Merge pull request #120 from danwos/danwos_table_strip

9c5df4a Theme option fo deactivating table handling

8aba3ac Merge pull request #118 from bashtage/citation-fix

ff14603 ENH: Improve spacing around citations

f94eccf Merge pull request #117 from bashtage/doc-global-toc

c9506a9 DOC: Emphasize globaltoc

5432f24 Merge pull request #116 from bashtage/role-search

fdf8810 ENH: Add support for RTD search

7b15906 Merge pull request #115 from bashtage/generate-docs

edb47be MAINT: Enable doc generation

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 1
Bump sphinx from 3.5.4 to 4.3.0
Bumps sphinx from 3.5.4 to 4.3.0.

Changelog

Sourced from sphinx's changelog.

Release 4.3.0 (released Nov 11, 2021)

Dependencies

Support Python 3.10

Incompatible changes

#9649: searchindex.js: the embedded data has changed format to allow objects with the same name in different domains.

#9672: The rendering of Python domain declarations is implemented with more docutils nodes to allow better CSS styling. It may break existing styling.

#9672: the signature of :py:meth:domains.py.PyObject.get_signature_prefix has changed to return a list of nodes instead of a plain string.

#9695: domains.js.JSObject.display_prefix has been changed into a method get_display_prefix which now returns a list of nodes instead of a plain string.

#9695: The rendering of Javascript domain declarations is implemented with more docutils nodes to allow better CSS styling. It may break existing styling.

#9450: mathjax: Load MathJax via "defer" strategy

Deprecated

sphinx.ext.autodoc.AttributeDocumenter._datadescriptor

sphinx.writers.html.HTMLTranslator._fieldlist_row_index

sphinx.writers.html.HTMLTranslator._table_row_index

sphinx.writers.html5.HTML5Translator._fieldlist_row_index

sphinx.writers.html5.HTML5Translator._table_row_index

Features added

#9639: autodoc: Support asynchronous generator functions

#9664: autodoc: autodoc-process-bases supports to inject reST snippet as a base class

#9691: C, added new info-field retval for :rst:dir:c:function and :rst:dir:c:macro.

C++, added new info-field retval for :rst:dir:cpp:function.

#9618: i18n: Add :confval:gettext_allow_fuzzy_translations to allow "fuzzy" messages for translation

#9672: More CSS classes on Python domain descriptions

#9695: More CSS classes on Javascript domain descriptions

#9683: Revert the removal of add_stylesheet() API. It will be kept until

... (truncated)

Commits

3001cc9 Bump to 4.3.0 final

d321a97 Merge pull request #9837 from tk0miya/9833_RemovedInSphinx60Warning

5339636 Fix the type of deprecation warning for get_signature_prefix (refs: #9833)

5999cdb Merge pull request #9833 from jakobandersen/py_get_signature_prefix

63bd4b8 Use warnings.warn and deprecation warning

096e286 Merge pull request #9628 from tk0miya/9623_suppress_warnings_for_excluded_doc...

1317eee Merge pull request #9828 from tk0miya/9618_gettext_allow_fuzzy_translations

7357b17 Merge branch '4.x' into 9623_suppress_warnings_for_excluded_document_in_toctree

22bec4f Fix #9623: Separate warning type 'toc.not_readable' to 'toc.excluded'

563936b Merge pull request #9829 from tk0miya/9450_load_mathjax_as_defer

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies python
opened by dependabot[bot] 1

Releases(6.0.1)

6.0.1(Nov 6, 2022)
Furo documentation (#134)

Source code(tar.gz)
Source code(zip)
6.0.0(Nov 6, 2022)
Breaking Changes !

Add new format for restrictions (#133) See https://pypitoken.readthedocs.io/en/latest/howto.html#version-6-x-upgrade for details on how to upgrade from a previous version.

Other changes

Pre-commit (#97, #99, #104, #106, #109, #112, #118, #120, #121, #123, #125, #127, #131)

Dependabot (#96, #98, #100, #101, #102, #103, #105, #107, #108, #110, #111, #113, #114, #115, #116, #117, #119, #122, #124, #126, #128, #129, #130)

Source code(tar.gz)
Source code(zip)
5.0.0(May 29, 2022)
Remove deprecated Python 3.6, add Python 3.10 (#95)

Source code(tar.gz)
Source code(zip)
4.0.0(May 29, 2022)
Add DateRestrictions (#94)

Add black/isort/mypy in pypoetry, but ensure their versions are synchronized with pre-commit (#93)

And

Dependencies auto-upgrade (#91, #89, #90, #86, #88, #83, #82, #81, #80, #79, #78, #77, #76, #75, #74, #73, #71)

Source code(tar.gz)
Source code(zip)
3.0.7(Jan 11, 2022)

Fix deployment again
Source code(tar.gz)
Source code(zip)
3.0.6(Jan 11, 2022)

Fix deployment
Source code(tar.gz)
Source code(zip)
3.0.5(Jan 11, 2022)
[pre-commit.ci] pre-commit autoupdate (#70)

[pre-commit.ci] pre-commit autoupdate (#69)

Bump sphinx from 4.3.1 to 4.3.2 (#68)

Bump lxml from 4.6.3 to 4.6.5 (#67)

[pre-commit.ci] pre-commit autoupdate (#66)

Bump sphinx from 4.3.0 to 4.3.1 (#65)

[pre-commit.ci] pre-commit autoupdate (#64)

[pre-commit.ci] pre-commit autoupdate (#63)

Bump dunamai from 1.5.5 to 1.7.0 (#59)

Bump pytest-cov from 2.11.1 to 3.0.0 (#57)

Bump sphinx-material from 0.0.32 to 0.0.35 (#61)

Bump jsonschema from 3.2.0 to 4.0.0 (#62)

Bump sphinx from 3.5.4 to 4.3.0 (#60)

Bump pytest from 5.4.3 to 6.2.5 (#58)

Bump urllib3 from 1.26.4 to 1.26.5 (#56)

[pre-commit.ci] pre-commit autoupdate (#55)

[pre-commit.ci] pre-commit autoupdate (#54)

[pre-commit.ci] pre-commit autoupdate (#53)

[pre-commit.ci] pre-commit autoupdate (#52)

[pre-commit.ci] pre-commit autoupdate (#51)

Replace codecov with coverage-comment (#50)

[pre-commit.ci] pre-commit autoupdate (#49)

[pre-commit.ci] pre-commit autoupdate (#48)

[pre-commit.ci] pre-commit autoupdate (#47)

[pre-commit.ci] pre-commit autoupdate (#46)

Fix python-version on ci (#45)

Source code(tar.gz)
Source code(zip)
3.0.4(Aug 11, 2021)
[pre-commit.ci] pre-commit autoupdate (#44)

[pre-commit.ci] pre-commit autoupdate (#43)

[pre-commit.ci] pre-commit autoupdate (#42)

[pre-commit.ci] pre-commit autoupdate (#41)

[pre-commit.ci] pre-commit autoupdate (#40)

[pre-commit.ci] pre-commit autoupdate (#39)

[pre-commit.ci] pre-commit autoupdate (#38)

[pre-commit.ci] pre-commit autoupdate (#37)

[pre-commit.ci] pre-commit autoupdate (#36)

[pre-commit.ci] pre-commit autoupdate (#35)

[pre-commit.ci] pre-commit autoupdate (#34)

[pre-commit.ci] pre-commit autoupdate (#33)

[pre-commit.ci] pre-commit autoupdate (#32)

[pre-commit.ci] pre-commit autoupdate (#31)

Source code(tar.gz)
Source code(zip)
3.0.3(May 9, 2021)
small update of boilerplate (#30)

[pre-commit.ci] pre-commit autoupdate (#29)

pre-commit-ci & readthedocs (#28)

Source code(tar.gz)
Source code(zip)
3.0.2(Mar 18, 2021)
Fix doc (#27)

Source code(tar.gz)
Source code(zip)
3.0.1(Mar 18, 2021)
Add note on traceability in the docs (#26)

Fix tests (#26)

Source code(tar.gz)
Source code(zip)
3.0.0(Mar 17, 2021)
New public API for restriction. No breaking but enough change to warrant a major release.

Move dangling methods into class methods (#25)

Public API for Restrictions (#24)

Source code(tar.gz)
Source code(zip)
2.0.0(Mar 14, 2021)
Breaking changes

LoadError is now LoaderError (#23)

Other changes

Improve error messages (#23)

Source code(tar.gz)
Source code(zip)
1.1.0(Mar 14, 2021)
Create a context object, remove MissingContextError (#22)

Adding discussion topics & tighten implementation regarding extraneous caveat params (#21)

Minor version for refactoring some aspects, but no breaking changes.
Source code(tar.gz)
Source code(zip)
1.0.6(Mar 14, 2021)
Document exception classes (#20)

Release drafter: change default version (82cdde3e)

Source code(tar.gz)
Source code(zip)
1.0.5(Mar 12, 2021)
Fix RTD build (#19)

Small doc improvements, esp. regarding PyPI implementation (#18)

Source code(tar.gz)
Source code(zip)
1.0.4(Mar 8, 2021)
Improve PR template wording (#16)

Improve packaging metadata (#15)

Source code(tar.gz)
Source code(zip)
1.0.3(Mar 8, 2021)
Build before publishing (#14)

Source code(tar.gz)
Source code(zip)
1.0.2(Mar 8, 2021)
Fix auto-release, again (#11)

Source code(tar.gz)
Source code(zip)
1.0.1(Mar 8, 2021)
Fix auto-release by naming job explicitely (#10)

Source code(tar.gz)
Source code(zip)
1.0.0(Mar 8, 2021)
Fix readthedocs (#9)

Rename "derive" as "restrict" (#8)

Improve PR template (#7)

Fix CI cache (#6)

Sphinx doc (#5)

Working tox & CI (#3)

Add first implementation (#1)

Source code(tar.gz)
Source code(zip)