-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ci: release to pypi and github on tagged pushes. #870
Conversation
Codecov Report
@@ Coverage Diff @@
## main #870 +/- ##
==========================================
- Coverage 82.46% 78.32% -4.15%
==========================================
Files 16 16
Lines 3776 4342 +566
Branches 802 821 +19
==========================================
+ Hits 3114 3401 +287
- Misses 495 754 +259
- Partials 167 187 +20
Continue to review full report at Codecov.
|
Thank you for the PR! I'm pretty hesitant to give my PyPI credentials away. I need to think about this. |
I don't see why you would need to (and that makes a lot of sense). Since whatever credentials are used to release reside in a secret I would simply set up an organisation secret holding credentials for a pypdf2 account on pypi. Alternatively I could just scrub the pypi release step, but it's one more thing to be done manually, and it probably makes sense to have it in CI. |
Alternatively it seems you wouldn't need a new account---you can restrict token scopes on pypi to a particular repository. (api docs not sure how you do it from the web interface). So you could make a pypdf2 token with permissions to push only to that project, but still under your account, and then store that in an organisation secret. Organisation secrets aren't available in PRs, so there's no danger of an inadvertant release that way. However I'm assuming that only a few people have the right to push to main/master. |
That is exactly the "giving my credentials away" part I was mentioning :-) At the moment, the secrets are only at my machine(s)/backups + PyPI. This PR would require that I add it to the Github organization. Additionally, releasing to PyPI is not a big deal for me. So this PR raises security concerns on my side + doesn't solve any issue for me. After I created make_changelog.py, creating the changelog + the release notes is also not a big deal. Just give me a few days to think about it :-) I know that I'm sometimes a bit stubborn when it comes to changing my workflows 😄 |
@MartinThoma sure, and I'll happily just pull that step. I added it for completeness :) |
@2e0byo Thank you for your help 🤗 |
The highlight of the 2.1.0 release is the most massive improvement to the text extraction capabilities of PyPDF2 since 2016 🥳🎊 A very big thank you goes to [pubpub-zz](https://github.com/pubpub-zz) who took a lot of time and knowledge about the PDF format to finally get those improvements into PyPDF2. Thank you 🤗💚 In case the new function causes any issues, you can use `_extract_text_old` for the old functionality. Please also open a bug ticket in that case. There were several people who have attempted to bring similar improvements to PyPDF2. All of those were valuable. The main reason why they didn't get merged is the big amount of open PRs / issues. pubpub-zz was the most comprehensive PR which also incorporated the latest changes of PyPDF2 2.0.0. Thank you to [VictorCarlquist](https://github.com/VictorCarlquist) for #858 and [asabramo](https://github.com/asabramo) for #464 🤗 New Features (ENH): - Massive text extraction improvement (#924). Closed many open issues: - Exceptions / missing spaces in extract_text() method (#17) 🕺 - Whitespace issues in extract_text() (#42) 💃 - pypdf2 reads the hifenated words in a new line (#246) - PyPDF2 failing to read unicode character (#37) - Unable to read bullets (#230) - ExtractText yields nothing for apparently good PDF (#168) 🎉 - Encoding issue in extract_text() (#235) - extractText() doesn't work on Chinese PDF (#252) - encoding error (#260) - Trouble with apostophes in names in text "O'Doul" (#384) - extract_text works for some PDF files, but not the others (#437) - Euro sign not being recognized by extractText (#443) - Failed extracting text from French texts (#524) - extract_text doesn't extract ligatures correctly (#598) - reading spanish text - mark convert issue (#635) - Read PDF changed from text to random symbols (#654) - .extractText() reads / as 1. (#789) - Update glyphlist (#947) - inspired by #464 - Allow adding PageRange objects (#948) Bug Fixes (BUG): - Delete .python-version file (#944) - Compare StreamObject.decoded_self with None (#931) Robustness (ROB): - Fix some conversion errors on non conform PDF (#932) Documentation (DOC): - Elaborate on PDF text extraction difficulties (#939) - Add logo (#942) - rotate vs Transformation().rotate (#937) - Example how to use PyPDF2 with AWS S3 (#938) - How to deprecate (#930) - Fix typos on robustness page (#935) - Remove scripts (pdfcat) from docs (#934) Developer Experience (DEV): - Ignore .python-version file - Mark deprecated code with no-cover (#943) - Automatically create Github releases from tags (#870) Testing (TST): - Text extraction for non-latin alphabets (#954) - Ignore PdfReadWarning in benchmark (#949) - writer.remove_text (#946) - Add test for Tree and _security (#945) Code Style (STY): - black, isort, Flake8, splitting buildCharMap (#950) Full Changelog: 2.0.0...2.1.0
Closes (hopefull) #748.
Untested, as would require credentials.
Uses:
https://github.com/softprops/action-gh-release
https://github.com/softprops/action-gh-release
Note that I personally use semantic-release in everything (in ci), which handles the releasing/tags/pypi etc all in one with decent changelogs. But this is (hopefully) what was requested.