Display error when uploading signed file with no distribution (#932)

* Display error when uploading signed file with no distribution Related to #931. If a user only uploads a signed .asc file without any distribution files, this now throws an error to make it more clear why Twine doesn't do anything. * Simplify logic * Clarify error message Co-authored-by: Jacob Woliver <jmwoliver@pm.me>
pypa · Dec 5, 2022 · a43f6ea · a43f6ea
1 parent 75c3d86
commit a43f6ea
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 0 deletions.
diff --git a/AUTHORS b/AUTHORS
@@ -32,3 +32,4 @@ Yesha Maggi <yesha.maggic@gmail.com>
 Cyril de Catheu <cdecatheu@gmail.com> (https://catheu.tech/)
 Thomas Miedema <thomasmiedema@gmail.com>
 Hugo van Kemenade (https://github.com/hugovk)
+Jacob Woliver <jacob@jmw.sh> (jmw.sh)
diff --git a/changelog/931.misc.rst b/changelog/931.misc.rst
@@ -0,0 +1 @@
+Throws an error when uploading signed files without any distribution files.
diff --git a/tests/test_upload.py b/tests/test_upload.py
@@ -178,6 +178,18 @@ def test_success_with_pre_signed_distribution(upload_settings, stub_repository):
     )
 
 
+def test_exception_with_only_pre_signed_file(upload_settings, stub_repository):
+    """Raise an exception when only a signed file is uploaded."""
+    # Upload only pre-signed file
+    with pytest.raises(exceptions.InvalidDistribution) as err:
+        upload.upload(upload_settings, [helpers.WHEEL_FIXTURE + ".asc"])
+
+    assert (
+        "Cannot upload signed files by themselves, must upload with a "
+        "corresponding distribution file." in err.value.args[0]
+    )
+
+
 def test_success_when_gpg_is_run(upload_settings, stub_repository, monkeypatch):
     """Add GPG signature generated by gpg command to uploaded package."""
     # Indicate that upload() should run_gpg() to generate the signature, which

diff --git a/twine/commands/upload.py b/twine/commands/upload.py
@@ -127,6 +127,12 @@ def upload(upload_settings: settings.Settings, dists: List[str]) -> None:
     repository = upload_settings.create_repository()
     uploaded_packages = []
 
+    if signatures and not packages_to_upload:
+        raise exceptions.InvalidDistribution(
+            "Cannot upload signed files by themselves, must upload with a "
+            "corresponding distribution file."
+        )
+
     for package in packages_to_upload:
         skip_message = (
             f"Skipping {package.basefilename} because it appears to already exist"