Codecov Report

Patch and project coverage have no change.

Comparison is base (c365920) 85.92% compared to head (8dfd93f) 85.92%.

❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more.

@@           Coverage Diff            @@
##           develop     #275   +/-   ##
========================================
  Coverage    85.92%   85.92%           
========================================
  Files           23       23           
  Lines         6081     6081           
========================================
  Hits          5225     5225           
  Misses         856      856           

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

Oh interesting, codecov wants us to install their app. Not sure why this is needed for public projects though

rpm-build:fedora-rawhide-x86_64 has failed. Is it expected?

@atztogo We need to configure spglib's PyPI project to add GitHub Actions as a trusted publisher. The "trusted publishing" seems to be recommended by PyPI, and I think that it is more secure than using secret tokens. What do you think?

• Publishing to PyPI with a Trusted Publisher https://docs.pypi.org/trusted-publishers/
• Adding a Trusted Publisher to an Existing PyPI Project - PyPI Docs https://docs.pypi.org/trusted-publishers/adding-a-publisher/

rpm-build:fedora-rawhide-x86_64 has failed. Is it expected?

Oh that's just a bug in scikit-build-core 0.4.0. (Mostly only relevant in packaging so won't edit pyproject.toml)

/packit build

@atztogo We need to configure spglib's PyPI project to add GitHub Actions as a trusted publisher. The "trusted publishing" seems to be recommended by PyPI, and I think that it is more secure than using secret tokens. What do you think?

• Publishing to PyPI with a Trusted Publisher https://docs.pypi.org/trusted-publishers/
• Adding a Trusted Publisher to an Existing PyPI Project - PyPI Docs https://docs.pypi.org/trusted-publishers/adding-a-publisher/

Ping @jochym.

Let's do it.

I have added GitHub as trusted publiser for spglib's PyPI project.

I have added GitHub as trusted publiser for spglib's PyPI project.

Please use PyPI name for the environment

@LecrisUT
Sure, I've specified "pypi" environment, and created "pypi" environment in this repository.

Can you rename environment variables in release.yml

• PyPI -> pypi
• TestPyPI -> pypi
  Although the environment name is not case sensitive, it will less confusing.

@atztogo Can you grant me access to manage spglib's TestPyPI project or set the trusted publisher for TestPyPI? I can set up them in PyPI but cannot in TestPyPI.

@atztogo Can you grant me access to manage spglib's TestPyPI project or set the trusted publisher for TestPyPI? I can set up them in PyPI but cannot in TestPyPI.

@jochym, I made @lan496 as an owner of TestPyPI.

@atztogo Thank you.
I've added GitHub to the trusted publisher for TestPyPI's spglib project as well.

Ok, made the changes and simplified the workflow back to the previous one