Skip to content

Modernise and rationalise packaging #1161

@joshuagl

Description

@joshuagl

Description of issue or feature request:

Python packaging has changed significantly since the tuf packaging was created. There's been a move to declarative files, the formalisation of build system independent source tree layout in PEP 517, and the addition of new metadata to specify the build system dependencies in PEP 518.

Furthermore our current packaging is somewhat ad-hoc, with some expected files like LICENSE missing from the sdist (see #1160) and some unexpected files like tuf/ATTACKS.md included.

For reference see:
https://packaging.python.org/
https://snarky.ca/what-the-heck-is-pyproject-toml/

Current behavior:

Packaging isn't up-to-date with PyPA recommendations and our sdist includes files which don't match conventions.

Expected behavior:

Packaging is in line with current PyPA best practices and generated distributions match ecosystem conventions.

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions