Possibly flaky zip confusion detection in the upload endpoint #18848

@webknjaz

Describe the bug

I triggered a long-existing release automation in GHA and it failed with a

ERROR    HTTPError: 400 Bad Request from https://upload.pypi.org/legacy/
         Invalid distribution file. ZIP archive not accepted: Trailing data

I eventually realized that this must be https://github.com/pypi/warehouse/pull/18492/files#diff-c82bacd0e7b8c5b66fa409fb14ee9258d051e6eb5e33102887251641b5bd9747R310.

But I don't understand what might've caused it or how to validate things. The GHA workflow is stuck on an older cibuildwheel because of upgrade blockers so I thought it might've caused the problem. But I really don't know.

One point of confusion was that the same workflow has jobs uploading to PyPI and TestPyPI. And the TestPyPI upload didn't have any problems.

Later, I triggered a new release and it succeeded. It's a mystery why the first publishing attempt failed on one of the wheels but I suspect that the check might be flaky or the dist got corrupted during upload.

Expected behavior

The check should not produce false-positives or at least give instructions on how to check the seemingly illegal dists locally.

To Reproduce

Zero clue.

My Platform

GHA but doesn't really matter.

Additional context

This is all I've got for now. It's not much but I figured it's better to have it documented in public for possible future investigations.

The failure in question is visible at https://github.com/ansible/pylibssh/actions/runs/18421022338/job/52496497562#step:3:332.
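
A way to inspect a dist locally for the condition the error message names, added here as an example (it is not part of the issue text and not Warehouse's own validation code): it locates the ZIP End of Central Directory (EOCD) record and counts the bytes that follow it. It assumes "Trailing data" means bytes after that record and its comment; the server-side check may differ. `trailing_bytes` and `sample_archive` are names chosen for this example.

```python
import io
import struct
import sys
import zipfile

EOCD_SIG = b"PK\x05\x06"                  # End of Central Directory signature
EOCD_FIXED = struct.Struct("<4sHHHHIIH")  # 22-byte fixed part; last field = comment length


def trailing_bytes(data: bytes) -> int:
    """Count bytes that follow the EOCD record (including its comment)."""
    end = len(data)
    while True:
        pos = data.rfind(EOCD_SIG, 0, end)
        if pos < 0:
            raise ValueError("no End of Central Directory record found")
        if pos + EOCD_FIXED.size <= len(data):
            comment_len = EOCD_FIXED.unpack_from(data, pos)[-1]
            record_end = pos + EOCD_FIXED.size + comment_len
            if record_end <= len(data):   # record fits in the file: accept it
                return len(data) - record_end
        end = pos                         # truncated candidate: try an earlier one


def sample_archive(comment: bytes = b"") -> bytes:
    """Constructed sample: a one-member ZIP built in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("pkg/__init__.py", "")
        zf.comment = comment
    return buf.getvalue()


if __name__ == "__main__":
    # Usage: python check_trailing.py dist/*.whl
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            extra = trailing_bytes(fh.read())
        print(f"{path}: {extra} byte(s) after the EOCD record")
```

A non-zero count on a wheel taken from the failing job's artifacts, compared against the same wheel from a successful run, would show whether the file itself carried extra bytes before upload.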
