Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for disabling package publish #1537

Open
iamsauravsharma opened this issue Nov 4, 2019 · 1 comment
Open

Add support for disabling package publish #1537

iamsauravsharma opened this issue Nov 4, 2019 · 1 comment
Labels

Comments

@iamsauravsharma
Copy link

@iamsauravsharma iamsauravsharma commented Nov 4, 2019

  • I have searched the issues of this repo and believe that this is not a duplicate.
  • I have searched the documentation and believe that my question is not covered.

Feature Request

Currently poetry doesn't support disabling publishing of package to remote repository. Add publish key similar to publish key present over cargo manifest for rust crates. publish key can have two types of value either bool or list of repository name. The publish field can be used to prevent a package from being published to a remote repository (like PYPI) by mistake, for instance to keep a package private in a company. If bool is present and is false then package cannot be published to any remote repository. Similarly if list of remote repository name is present then package can only be published to those remote repository.

[tool.poetry]
#....
publish=false
[tool.poetry]
#....
publish=["some-remote-repository-name"]
@515hikaru

This comment has been minimized.

Copy link

@515hikaru 515hikaru commented Nov 9, 2019

I think this proposal is nice.

I set the following for packages that should not be made public.

[tool.poetry]
exclude = ["**/*"]

With this workaround, even if poetry publish is executed by mistake, the source code is not published. However, since poetry build includes pyproject.toml, setup.py, and PKG-INFO in the tar.gz file, such metadata may be disclosed.

This workaround is not good. I think you need an option to make it impossible to publish.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.