This guide describes the recommended way to publish spatho to PyPI.
Use PyPI Trusted Publishing with GitHub Actions.
Why:
- no long-lived PyPI API token needs to be stored in GitHub
- the release is tied to a specific GitHub Actions workflow
- PyPI automatically produces provenance attestations for Trusted Publishing uploads
Official references:
- Create or sign in to your PyPI account at pypi.org.
- Confirm the project name is the one you want to publish.
- On PyPI, create the project through Trusted Publishing or add a trusted publisher for an existing project.
- Use these GitHub settings:
- Repository owner:
hutaobo - Repository name:
Agentic-Spatial-Pathologist - Workflow file:
publish-pypi.yml - Environment name:
pypi
- In GitHub, create an environment named
pypi. - Optionally add manual approval rules to the
pypienvironment.
- Bump
spatho.__version__in src/spatho/init.py. - Commit the version bump.
- Commit and push the release branch.
- Create a Git tag that matches the package version.
- Create a GitHub Release from that tag and publish it.
Example:
git tag v0.1.0
git push origin main
git push origin v0.1.0Then publish a GitHub Release for v0.1.0.
GitHub Actions will:
- build the sdist and wheel
- upload them as workflow artifacts
- publish them to PyPI through Trusted Publishing
The PyPI workflow is now triggered by a formal GitHub Release, not by tag push alone.
Run these before tagging:
python -m pip install -e .[dev]
python -m pytest tests
python -m build
python -m twine check dist/*If you want a dress rehearsal, use TestPyPI first.
Official guide:
You can either:
- create a separate TestPyPI publishing workflow
- or upload locally with
twinefor a one-off check
spathodepends onhistoseg, so releases should be coordinated.- When
spathobegins using new runtime APIs fromhistoseg, publish the requiredhistosegversion first and then raise the lower bound inpyproject.toml. - After updating the
histoseglower bound, create and publish a matching GitHub Release forspatho.