This project publishes to PyPI from GitHub Actions via Trusted Publishing (OIDC, no API tokens).
These steps are done once per project — already configured for this repo:
- PyPI account with 2FA — https://pypi.org/account/register/
- PyPI trusted publisher — https://pypi.org/manage/account/publishing/
- Project name:
polymarket-execution - Owner:
eduardodoege - Repository name:
polymarket-execution - Workflow name:
publish.yml - Environment name:
pypi
- Project name:
- GitHub environment
pypiin this repo — Settings → Environments → New environment → "pypi"- Recommended: enable Required reviewers so each publish requires a manual click in the Actions tab.
- Bump the version in
src/polymarket_execution/_version.py - Update README / docs if any user-facing API changed
- Commit:
git commit -am "Release v0.1.0" - Create and push the tag (must match the version exactly, prefixed with
v):git tag v0.1.0 git push origin main git push origin v0.1.0
- The
publish.ymlworkflow:- Verifies that the tag matches
pyproject.tomlversion (fails otherwise) - Builds the sdist + wheel
- Publishes to PyPI via OIDC
- Verifies that the tag matches
- If you enabled "Required reviewers" on the
pypienvironment, approve the run in the Actions tab - Within ~2 minutes,
pip install polymarket-execution==0.1.0works for the world
Use PEP 440 suffixes: 0.1.0a1, 0.1.0b2, 0.1.0rc1, 0.1.0.dev0. The publish workflow handles them transparently — same flow, same tag prefix (vX.Y.Z<suffix>).
If a published version is broken, don't delete it (PyPI doesn't allow re-uploading the same version). Instead:
- Push a new patch version with the fix
- On PyPI, mark the bad version as "yanked" via the project page (browser only)