I have raised[1] to partially revert the change that caused this violation. As long as the dependency(aodh) with direct url stays in tox.ini, we shouldn't run into this issue again. [1] https://review.opendev.org/c/openstack/python-aodhclient/+/874423 On Mon, Feb 20, 2023 at 5:59 PM Jeremy Stanley <fungi@yuggoth.org> wrote:
On 2023-02-20 08:23:36 +0100 (+0100), Matthias Runge wrote: [...]
thank you for the heads-up. I wonder how this could slip through the gate though. [...]
We don't perform test uploads to PyPI in the gate, and it's hitting a PyPI policy violation. It's possible `twine check` could catch things like this, though an explicit test would probably need to be added to it. Alternatively, we could start doing dev version uploads to test.pypi.org, though someone will need to create that new job (and the need to share an upload secret between projects would make that especially complicated to do in the gate pipeline).
https://github.com/pypa/pip/issues/6301
-- Jeremy Stanley
-- Yadnesh Kulkarni