Google Git
Sign in
pigweed/third_party/github/pybind/pybind11/e445ca2bde48100b5cb370f216b4e8cc73b464f8^!/.
commit
e445ca2bde48100b5cb370f216b4e8cc73b464f8
[log]
author
Henry Schreiner <HenrySchreinerIII@gmail.com>
Fri Sep 13 20:21:43 2024 -0400
committer
Henry Schreiner <henryschreineriii@gmail.com>
Fri Sep 13 20:23:40 2024 -0400
tree
c92f64efd71123b20a0afd99de27f67331f478ab
parent
7b67d8e9745074aa276770bbb9425da03f59dc59 [diff]
ci: PyPI attestations (#5374)


diff --git a/.github/workflows/pip.yml b/.github/workflows/pip.yml
index a2c4dba..3713537 100644
--- a/.github/workflows/pip.yml
+++ b/.github/workflows/pip.yml

@@ -91,11 +91,12 @@
     runs-on: ubuntu-latest
     if: github.event_name == 'release' && github.event.action == 'published'
     needs: [packaging]
-    environment: pypi
+    environment:
+      name: pypi
+      url: https://pypi.org/p/pybind11
     permissions:
       id-token: write
       attestations: write
-      contents: read
 
     steps:
     # Downloads all to directories matching the artifact names
@@ -110,8 +111,10 @@
       uses: pypa/gh-action-pypi-publish@release/v1
       with:
         packages-dir: standard/
+        attestations: true
 
     - name: Publish global package
       uses: pypa/gh-action-pypi-publish@release/v1
       with:
         packages-dir: global/
+        attestations: true