biscuit-python is part of the Eclipse Biscuit project and as such needs to conform the eclipse project management guidelines.
Eclipse projects can only be released within the validity period of a release review (they last for 1 year).
- make sure
README.md,CODE_OF_CONDUCT.md,SECURITY.mdare present and up-to-date - make sure
LICENSEis present and that all source files are properly annotated with copyright and license information - make sure dependency license information is correctly vetted:
cargo tree -e normal --prefix none --no-dedupe | sort -u | grep -v '^[[:space:]]*$' | grep -v biscuit | sed -E 's|([^ ]+) v([^ ]+).*|crate/cratesio/-/\1/\2|' | java -jar org.eclipse.dash.licenses-1.1.0.jar - (you’ll need to download the eclipse dash licenses jar)
This step should be automated at some point.
Note: the python library does not have any dependency so this step is only required for rust dependencies.
If the most recent release review is outdated, we will need to start a new one on the project governance page.
- update the version in
Cargo.toml; - update
CHANGELOG.md(ideally, try to update it in each PR, in an unreleased section to make things easier); - merge the PR;
- tag the new
maincommit, this will trigger the pypi release.