Comments (4)
Have you tried downloading the artifacts from your GHA workflow page locally and checking them all with twine check --strict
?
It's definitely unpleasant to get failures in the very last step of the release process, which is why I recommend running it early in the workflow. In many of my workflows I migrated to building the dists before testing. This way, I can lint them (including but not limited to twine check
), test the same wheels and then publish exactly what's tested as opposed to publishing something that was built separately from what was built in the test jobs.
from gh-action-pypi-publish.
Turns out it was a bug on download-artifact
where it just made a mess of things scikit-build/scikit-build-core#696 (comment)
from gh-action-pypi-publish.
zipfile.BadZipFile: Bad magic number for file header
Your error sounds a lot like #215 and #148. I'd also report to Twine as we just call it via CLI and it could output better errors.
from gh-action-pypi-publish.
Yeah, I should have added a manual action for twine check
on the artifacts. Alternatively, having a dry-run
/no-upload
input for this action would also help with that.
from gh-action-pypi-publish.
Related Issues (20)
- Make this action play nicely with new gh upload/download artifact actions v4 HOT 7
- [docs] Emphasize the dangers of enabling `skip-existing` in README
- "Only one sdist may be uploaded per release" with skip-existing enabled HOT 2
- Provide a better troubleshooting message when used from a 3P PR
- Provide a full example of a GitHub Actions config, rather than small little pieces HOT 5
- raise BadZipFile("Bad magic number for central directory") HOT 7
- invalid-publisher: valid token, but no corresponding publisher part 2 HOT 16
- Invalid API Token: token with user restriction without a user HOT 5
- Publishing to PyPI fails with HTTPError: 403 Forbidden HOT 4
- Feature request: add `--dry-run` equivalent parameter HOT 8
- option to disable twine progressbar
- HTTPError: 403 Forbidden or invalid-publisher: a valid token is recognized, but no corresponding publisher is found HOT 8
- [TODO] Update the 2FA nudge error message to use present tense
- InvalidDistribution: Unknown distribution format: 'artifact' when not specifying an artifact name HOT 12
- Document permission requirements for private repositories HOT 2
- Token request failed: the index produced an unexpected 503 response HOT 6
- Can't use https://pypi.org/p/<your-pypi-project-name> HOT 1
- Publish package fails: KeyError: 'home-page' HOT 18
- Deprecate the `password` setting in favor of `token`?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gh-action-pypi-publish.