| File | Before | After | Percent reduction | |:--|:--|:--|:--| | /docs/images/logo.png | 30.77kb | 23.52kb | 23.56% | | /docs/images/main.png | 108.82kb | 89.25kb | 17.98% | | /PyAvatar/images/placeholder.gif | 15.32kb | 15.31kb | 0.07% | | | | | | | Total : | 154.91kb | 128.08kb | 17.32% |

Sourced from pypa/gh-action-pypi-publish's releases.

v1.6.4

oh, boi! again?

This is the last one tonight, promise! It fixes this embarrassing bug that was actually caught by the CI but got overlooked due to the lack of sleep. TL;DR GH passed $HOME from the external env into the container and that tricked the Python's site module to think that the home directory is elsewhere, adding non-existent paths to the env vars. See #115.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.6.3...v1.6.4

v1.6.3

Another Release!? Why?

In pypa/gh-action-pypi-publish#112, it was discovered that passing a $PATH variable even breaks the shebang. So this version adds more safeguards to make sure it keeps working with a fully broken $PATH.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.6.2...v1.6.3

v1.6.2

What's Fixed

• Made the $PATH and $PYTHONPATH environment variables resilient to broken values passed from the host runner environment, which previously allowed the users to accidentally break the container's internal runtime as reported in pypa/gh-action-pypi-publish#112

Internal Maintenance Improvements

• Added a devpi-based smoke-test GitHub Actions CI/CD workflow by @​sesdaile-varmour in pypa/gh-action-pypi-publish#111

New Contributors

• @​sesdaile-varmour made their first contribution in pypa/gh-action-pypi-publish#111

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.6.1...v1.6.2

• c7f29f7 🐛 Override $HOME in the container with /root
• 644926c 🧪 Always run smoke testing in debug mode
• e71a4a4 Add support for verbose bash execusion w/ $DEBUG
• e56e821 🐛 Make id always available in twine-upload
• c879b84 🐛 Use full path to bash in shebang
• 57e7d53 🐛Ensure the default $PATH value is pre-loaded
• ce291dc 🎨🐛Fix the branch @ pre-commit.ci badge links
• 102d8ab 🐛 Rehardcode devpi port for GHA srv container
• 3a9eaef 🐛Use different ports in/out of GHA containers
• a01fa74 🐛 Use localhost @ GHA outside the containers
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pypa/gh-action-pypi-publish's releases.

v1.6.1

What's happened?!

There was a sneaky bug in v1.6.0 which caused Twine to be outside the import path in the Python runtime. It is fixed in v1.6.1 by updating $PYTHONPATH to point to a correct location of the user-global site-packages/ directory.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.6.0...v1.6.1

v1.6.0

Anything's changed?

The only update is that the Python runtime has been upgraded from 3.9 to 3.11. There are no functional changes in this release.

Full Changelog: https://github.com/pypa/gh-action-pypi-publish/compare/v1.5.2...v1.6.0

• 5d1679f Use py3.11 user-global site-packages in PYTHONPATH
• d2a2496 Switch the runtime from Python 3.9 to Python 3.11
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pypa/gh-action-pypi-publish's releases.

v1.5.2

What's Improved

• Implemented the Twine transitive dependency tree pinning using pip-tools-generated constraint files. See pypa/gh-action-pypi-publish#107 and pypa/gh-action-pypi-publish#101 for details.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.5.1...v1.5.2

• d7edd4c Add user-global site-packages to $PYTHONPATH
• 8d5f27c Install Twine in the user-global site-packages
• b0dc178 Disable pip cache dir with an env var
• bbf6e0b Copy requirements to corresponding dir @ container
• 0b69a8c Document broken pkginfo==1.9.0 transitive dep
• c54db9c Integrate pip-tools-generated constraint files
• 480ec4e Inherit yamllint config from the default preset
• 5fb2f04 Drop __token__ from README code usage snippets
• 7bbdccd Update the mention of master with unstable/v1
• 328cf89 📝 Fix a link to the "Distribution Package" term
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pypa/gh-action-pypi-publish's releases.

v1.5.1

What's Changed

• Fixed printing out the dist hashes when packages_dir is a wildcard value. — by @​meowmeowmeowcat in pypa/gh-action-pypi-publish#91

Full Changelog: https://github.com/pypa/gh-action-pypi-publish/compare/v1.5.0...v1.5.1

v1.5.0

What's Changed

• Added an action input print_hash for showing the hash values of files to be uploaded — by @​meowmeowmeowcat in pypa/gh-action-pypi-publish#87

New Contributors

• @​pllim made their first contribution in pypa/gh-action-pypi-publish#55
• @​meowmeowmeowcat made their first contribution in pypa/gh-action-pypi-publish#87

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.4.2...v1.5.0

• 37f50c2 Merge PR #91
• 9f0421c Add #StandWithUkraine banner to README
• c3fbd68 Remove quotes
• 717ba43 Trim the trailing whitespaces in print-hash.py
• 4992a00 Merge pull request #87 from meowmeowmeowcat/show-hash-values
• 977d067 Fix a bug
• 5d18baa Drop unnecessary file_iterable var
• 0575dc8 Refactor the hash helper script to use pathlib and CLI args
• 8682135 Correct the if-clause for printing the hashes
• c83d37b Introduce print_hash in README
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github/codeql-action's changelog.

• 00ef1ee Update changelog for v2.1.21
• 21bf308 Merge pull request #1211 from github/get-default-branch-correctly-schedule
• 5960bff When running on a schedule, make a better guess about whether we're analyzing...
• 92c650b Merge pull request #1210 from github/edoardo/record-db-creation-time
• 8b45ef3 Telemetry: Record DB creation time
• e7d4da3 Merge pull request #1209 from github/henrymercer/fix-go-tracing-tests
• 182342c Remove unguarded Actions library query
• e195431 Override CODEQL_EXTRACTOR_GO_BUILD_TRACING with on when it's true
• 3069613 Prevent hangs in Go autobuild tests due to .NET keychain prompts
• 569f78c Add changelog note
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/setup-python's releases.

v4.0.0

What's Changed

• Support for python-version-file input: #336

Example of usage:

- uses: actions/[email protected]
  with:
    python-version-file: '.python-version' # Read python version from a file
- run: python my_script.py

There is no default python version for this setup-python major version, the action requires to specify either python-version input or python-version-file input. If the python-version input is not specified the action will try to read required version from file from python-version-file input.

• Use pypyX.Y for PyPy python-version input: #349

Example of usage:

- uses: actions/[email protected]
  with:
    python-version: 'pypy3.9' # pypy-X.Y kept for backward compatibility
- run: python my_script.py

• RUNNER_TOOL_CACHE environment variable is equal AGENT_TOOLSDIRECTORY: #338

• Bugfix: create missing pypyX.Y symlinks: #347

• PKG_CONFIG_PATH environment variable: #400

• Added python-path output: #405 python-path output contains Python executable path.

• Updated zeit/ncc to vercel/ncc package: #393

• Bugfix: fixed output for prerelease version of poetry: #409

• Made pythonLocation environment variable consistent for Python and PyPy: #418

• Bugfix for 3.x-dev syntax: #417

• Other improvements: #318 #396 #384 #387 #388

Update actions/cache version to 2.0.2

In scope of this release we updated actions/cache package as the new version contains fixes related to GHES 3.5 (actions/setup-python#382)

Add "cache-hit" output and fix "python-version" output for PyPy

This release introduces new output cache-hit (actions/setup-python#373) and fix python-version output for PyPy (actions/setup-python#365)

The cache-hit output contains boolean value indicating that an exact match was found for the key. It shows that the action uses already existing cache or not. The output is available only if cache is enabled.

... (truncated)

• b55428b Merge pull request #472 from IvanZosimov/ReadmeUpdate
• e084fca Merge branch 'main' into ReadmeUpdate
• 789730b Fix broken links in the text body
• c4e98b7 Fix broken links
• cfcafa5 Fix review points
• c318b92 Fix review points
• a93d541 Merge pull request #466 from techman83/fix/tool_path
• 72394d1 Fix typo
• fe396d3 Revert changes
• 853c012 Change advanced-usage.md
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from contributor-assistant/github-action's releases.

v2.2.1

See CHANGELOG.md for release notes.

Sourced from contributor-assistant/github-action's changelog.

Change Log

• b3bbab0 Update CHANGELOG.md
• 468a6d4 Update CHANGELOG.md
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)