Skip to content

feat: add PyPI trusted publishing instructions#1845

Merged
danielkov merged 6 commits intomainfrom
feat/pypi-trusted-publishing-instructions
Feb 4, 2026
Merged

feat: add PyPI trusted publishing instructions#1845
danielkov merged 6 commits intomainfrom
feat/pypi-trusted-publishing-instructions

Conversation

@danielkov
Copy link
Copy Markdown
Contributor

@danielkov danielkov commented Feb 4, 2026

Summary

Adds instructions for configuring PyPI trusted publishing when users run speakeasy configure publishing with a Python target that has useTrustedPublishing: true configured.

Changes

  • Add PyPITrustedPublishingConfig struct
  • Add getPyPITrustedPublishingInstructions() function that generates user-facing instructions
  • Update configurePublishing() to detect PyPI trusted publishing configs and display setup instructions
  • Update sdk-gen-config dependency to v1.47.1 (includes UseTrustedPublishing field)

Instructions Output

When a user has configured trusted publishing, they'll see:

• Configure trusted publishing for your PyPI package 'my-package':
    ◦ Navigate to https://pypi.org/manage/project/my-package/settings/publishing/
    ◦ Add a new 'trusted publisher' with the following configuration:
        - Owner: my-org
        - Repository name: my-repo
        - Workflow name: sdk_publish.yaml
        - Environment name: <Leave Blank>
• Navigate to https://github.com/my-org/my-repo/actions to regenerate and publish
• Your package will be published with attestations. Verify at https://pypi.org/project/my-package/#files

Related PRs

🤖 Generated with Claude Code

danielkov and others added 4 commits February 4, 2026 11:27
@danielkov @claude
feat: add PyPI trusted publishing instructions
8ce4eed 
Add instructions for configuring PyPI trusted publishing when users run
`speakeasy configure publishing` with a Python target that has
`useTrustedPublishing: true` configured.

The instructions guide users to:
1. Navigate to PyPI project settings
2. Add GitHub Actions as a trusted publisher
3. Configure the correct owner, repo, and workflow name
4. Verify attestations after publishing

Also updates sdk-gen-config dependency to include the new
`UseTrustedPublishing` field on the PyPi publishing config.

Co-Authored-By: Claude <noreply@anthropic.com>
@danielkov
Merge branch 'main' into feat/pypi-trusted-publishing-instructions
ef49835
@danielkov
feat: add oidc flag to pub conf + skip token
3e8e729
@danielkov @claude
fix(ci): add DOTNET_INSTALL_DIR to fix Windows dotnet CLI detection
5dd0654 
Reference: dotnet/sdk#44957

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@danielkov danielkov enabled auto-merge (squash) February 4, 2026 14:04
@danielkov @claude
Resolve merge conflict in configure.go
6d56d20 
Keep configureTargetNonInteractive function from main while preserving
ConfigurePublishingFlags parameter type for configurePublishing function.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@danielkov danielkov merged commit a5094fb into main Feb 4, 2026
4 checks passed
@danielkov danielkov deleted the feat/pypi-trusted-publishing-instructions branch February 4, 2026 16:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vishalg0wda vishalg0wda vishalg0wda approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@danielkov @vishalg0wda