Conversation
There was a problem hiding this comment.
Pull request overview
This PR adds PyPI publishing workflows and refactors SBOM generation jobs to improve clarity and correctness. The changes separate staging and production SBOM generation into distinct jobs with proper conditional execution, eliminating complex runtime checks.
Changes:
- Added a new PyPI/TestPyPI publishing workflow triggered on releases
- Split SBOM generation jobs into separate staging and production workflows with job-level conditionals
- Removed runtime
should_runchecks in favor of declarativeifconditions at the job level
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| .github/workflows/sbomify.yaml | Refactored SBOM generation by splitting into separate staging/production jobs with clearer conditionals |
| .github/workflows/pypi.yaml | Added new workflow for publishing Python packages to PyPI and TestPyPI on releases |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| echo "$HOME/.local/bin" >> $GITHUB_PATH | ||
|
|
||
| - name: Build a binary wheel and a source tarball | ||
| run: | |
There was a problem hiding this comment.
The --frozen flag requires an exact lock file match, which may cause build failures if the lock file is out of sync. Consider using uv sync without --frozen or adding a verification step to ensure the lock file is up to date before building.
| run: | | |
| run: | | |
| uv lock |
1 participant
No description provided.