Twine: Keyring support broken

Created on 5 Nov 2018  路  7Comments  路  Source: pypa/twine

In #408, the keyring support was fixed. That fix remains unreleased, so users downloading the latest release of twine from PyPI get a broken experience. It would be nice to get a release out with the hotfix. Is there any reason not to do so?

picture jaraco
👍3

Most helpful comment

I am such a user. Could not find out why twine did not get my password from the keyring. Eventually looked into the code. Found the lines that prevented the keyring being consulted. Commented them out. Now it works. Please, put it in a release.

# if 'keyring' not in sys.modules:
#    return

    try:
        import keyring

lines 210-214 in utils.py

picture dirkroorda on 8 Nov 2018
👍2

All 7 comments

I am such a user. Could not find out why twine did not get my password from the keyring. Eventually looked into the code. Found the lines that prevented the keyring being consulted. Commented them out. Now it works. Please, put it in a release.

# if 'keyring' not in sys.modules:
#    return

    try:
        import keyring

lines 210-214 in utils.py

dirkroorda picture dirkroorda on 8 Nov 2018
👍2

+1, I assume I am not the only one this would have saved a bunch of time searching for why it's not working...

christianbrodbeck picture christianbrodbeck on 8 Dec 2018

I wonder how did that code even end up in there? Way too much time wasted thinking there was something wrong with my setup :slightly_frowning_face:

How comes very few people seem to be complaining about this around the internet? (Hence the lack of search results, that lead me to think it was my setup in the first place). Is there any other currently working way of using twine, without having to manually type in a 64-random-characters password all the time?

rshk picture rshk on 4 Jan 2019

How comes very few people seem to be complaining about this around the internet?

Because we're patiently awaiting a new release :) (See also https://github.com/pypa/twine/issues/442).

Is there any other currently working way of using twine, without having to manually type in a 64-random-characters password all the time?

I manually applied https://github.com/pypa/twine/pull/408.

You could also install from master, something like:

pip install -U git+https://github.com/pypa/twine

Is there anything we can do to help with the next release?

hugovk picture hugovk on 4 Jan 2019

How comes very few people seem to be complaining about this around the internet?

Because we're patiently awaiting a new release :) (See also #442).

Yep :) I'm not calling for mobs to put pressure so a new version is released quicker :stuck_out_tongue:

Just wondering what people are doing in the meantime / how comes this issue isn't more visible. Should be breaking most people workflows..?

You could also install from master, something like:

I'm using the twine package from arch linux (one less thing to remember keeping up to date manually!), so just manually patched the file for now. Hopefully next version of the package will contain the fix anyways..

Is there anything we can do to help with the next release?

I hope a new release isn't blocked by twine being broken / unable to upload the new package :rofl: :rofl:

rshk picture rshk on 4 Jan 2019

Just wondering what people are doing in the meantime / how comes this issue isn't more visible.

I'm using a local checkout (pip-run ~/p/pypa/twine -- -m twine upload dists/*) for local releases or an install from master for mechanized releases.

I imagine most people are just using a less secure technique.

jaraco picture jaraco on 4 Jan 2019

This issue is resolved in master, so can be closed in favor of #451.

jaraco picture jaraco on 9 Feb 2019
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

sigmavirus24 picture sigmavirus24  路  8Comments
brainwane picture brainwane  路  6Comments
monocongo picture monocongo  路  3Comments
martisak picture martisak  路  11Comments
RDIL picture RDIL  路  4Comments