.. toctree:: :hidden: :maxdepth: 3 changelog contributing Code of Conduct <https://github.com/pypa/.github/blob/main/CODE_OF_CONDUCT.md> PyPI Project <https://pypi.org/project/twine/> GitHub Repository <https://github.com/pypa/twine> Python Packaging Tutorial <https://packaging.python.org/tutorials/distributing-packages/>
Twine is a utility for publishing Python packages to PyPI and other repositories. It provides build system independent uploads of source and binary distribution artifacts for both new and existing projects.
The goal of Twine is to improve PyPI interaction by improving security and testability.
The biggest reason to use Twine is that it securely authenticates
you to PyPI over HTTPS using a verified connection, regardless of
the underlying Python version. Meanwhile, python setup.py upload
will only work correctly and securely if your build system, Python
version, and underlying operating system are configured properly.
Secondly, Twine encourages you to build your distribution files. python
setup.py upload
only allows you to upload a package as a final step after
building with distutils
or setuptools
, within the same command
invocation. This means that you cannot test the exact file you're going to
upload to PyPI to ensure that it works before uploading it.
Finally, Twine allows you to pre-sign your files and pass the
.asc
files into the command line invocation (twine upload
myproject-1.0.1.tar.gz myproject-1.0.1.tar.gz.asc
). This enables you
to be assured that you're typing your gpg
passphrase into gpg
itself and not anything else, since you will be the one directly
executing gpg --detach-sign -a <filename>
.
- Verified HTTPS connections
- Uploading doesn't require executing
setup.py
- Uploading files that have already been created, allowing testing of distributions before release
- Supports uploading any packaging format (including wheels)
pip install twine
Create some distributions in the normal way:
python -m build
Upload to Test PyPI and verify things look right:
twine upload -r testpypi dist/*
Twine will prompt for your username and password.
Upload to PyPI:
twine upload dist/*
Done!
More documentation on using Twine to upload packages to PyPI is in the Python Packaging User Guide.
Uploads one or more distributions to a repository.
.. program-output:: twine upload -h
Checks whether your distribution's long description will render correctly on PyPI.
.. program-output:: twine check -h
Pre-register a name with a repository before uploading a distribution.
Warning
Pre-registration is not supported on PyPI, so the register
command is
only necessary if you are using a different repository that requires it. See
issue #1627 on Warehouse (the software running on PyPI) for more details.
.. program-output:: twine register -h
Twine can read repository configuration from a .pypirc
file, either in your
home directory, or provided with the --config-file
option. For details on
writing and using .pypirc
, see the specification in the Python
Packaging User Guide.
Twine also supports configuration via environment variables. Options passed on
the command line will take precedence over options set via environment
variables. Definition via environment variable is helpful in environments where
it is not convenient to create a .pypirc
file (for example,
on a CI/build server).
TWINE_USERNAME
- the username to use for authentication to the repository.TWINE_PASSWORD
- the password to use for authentication to the repository.TWINE_REPOSITORY
- the repository configuration, either defined as a section in.pypirc
or provided as a full URL.TWINE_REPOSITORY_URL
- the repository URL to use.TWINE_CERT
- custom CA certificate to use for repositories with self-signed or untrusted certificates.TWINE_NON_INTERACTIVE
- Do not interactively prompt for username/password if the required credentials are missing.
Twine can be configured to use a proxy by setting environment variables. For example:
export HTTPS_PROXY=socks5://user:pass@host:port
twine upload dist/*
Alternatively, one can set the environment variable for the command itself without exporting it for other tools as well:
HTTPS_PROXY=socks5://user:pass@host:port twine upload dist/*
For more information, see the Requests documentation on proxies and SOCKS , and an in-depth article about proxy environment variables.
Instead of typing in your password every time you upload a distribution, Twine allows storing a username and password securely using keyring. Keyring is installed with Twine but for some systems (Linux mainly) may require additional installation steps.
Once Twine is installed, use the keyring
program to set a username and
password to use for each repository to which you may upload.
For example, to set a username and password for PyPI:
keyring set https://upload.pypi.org/legacy/ your-username
and enter the password when prompted.
For a different repository, replace the URL with the relevant repository
URL. For example, for Test PyPI, use https://test.pypi.org/legacy/
.
The next time you run twine
, it will prompt you for a username, and then
get the appropriate password from Keyring.
Note
If you are using Linux in a headless environment (such as on a server) you'll need to do some additional steps to ensure that Keyring can store secrets securely. See Using Keyring on headless systems.
In most cases, simply not setting a password with keyring
will allow Twine
to fall back to prompting for a password. In some cases, the presence of
Keyring will cause unexpected or undesirable prompts from the backing system.
In these cases, it may be desirable to disable Keyring altogether. To disable
Keyring, run:
keyring --disable
See Twine issue #338 for discussion and background.