merge queue: embarking main (d31d0b7) and #1355 together#1360
Closed
mergify[bot] wants to merge 3 commits intomainfrom
Closed
merge queue: embarking main (d31d0b7) and #1355 together#1360mergify[bot] wants to merge 3 commits intomainfrom
mergify[bot] wants to merge 3 commits intomainfrom
Conversation
The 2026.5.5.1 release upload to PyPI failed with ``400 License-File LICENSE does not exist in distribution file mergify_cli-2026.5.5.1.tar.gz at mergify_cli-2026.5.5.1/LICENSE``. Maturin auto-derives a ``License-File: LICENSE`` PEP 639 metadata field from ``license = "Apache-2.0"`` plus the project root ``LICENSE`` file, but the sdist tarball (``maturin sdist``) packs the cargo workspace and the Python source dir without picking up the project root ``LICENSE`` itself. PyPI's upload validator cross-checks the metadata against the tarball contents and 400s when they disagree. Listing ``LICENSE`` in ``[tool.maturin].include`` puts it back in both the wheel and the sdist, so the metadata claim is honored and PyPI accepts the upload. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> Change-Id: Ie45717750af52467929600966592cb8453d3b4d2
Without this, packaging-metadata bugs only surface at ``release: published`` time — release 2026.5.5.1 was rejected by PyPI's upload validator with ``400 License-File LICENSE does not exist in distribution file`` because the LICENSE auto-bundling hadn't been wired up. PR CI couldn't have caught it: ``build-sdist`` was gated on ``inputs.stamp-version``, so PR runs skipped the sdist entirely, and there was no twine invocation anywhere. Two changes: 1. ``build-sdist`` now runs on every PR. The version-stamping step and the artifact upload still gate on ``inputs.stamp-version`` (PR builds keep the placeholder version and skip the upload — the artifact is only useful for the publish job in ``release.yml``). The Python toolchain is provisioned the same way as the wheel jobs. 2. ``twine check --strict`` runs against both the wheel (per matrix target) and the sdist immediately after each is built. Strict mode applies the same metadata rules PyPI's upload validator does — README rendering, ``Description-Content-Type``, ``License-File`` presence — so a mismatch fails PR CI instead of the next release. The cost is one extra ubuntu-24.04 job (~30s for sdist + twine check) and a few seconds per wheel-matrix shard for the twine install + check. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> Change-Id: I0f7338df02bbf600804a58bcb996bcb882de6010
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🎉 This pull request has been checked successfully and will be merged soon. 🎉
Branch main (d31d0b7) and #1355 are embarked together for merge.
This pull request has been created by Mergify to speculatively check the mergeability of #1355.
You don't need to do anything. Mergify will close this pull request automatically when it is complete.
Required conditions of queue rule
defaultfor merge:depends-on = Mergifyio/mergify-cli#1354[⛓️ fix(packaging): bundle LICENSE in wheel and sdist #1354]title ~= ^(fix|feat|docs|style|refactor|perf|test|build|ci|chore|revert|ui)(?:\(.+\))?:#approved-reviews-by>=2author = dependabot[bot]author = mergify-ci-botauthor = renovate[bot]body ~= (?ms:.{48,})#changes-requested-reviews-by = 0#review-requested = 0#review-threads-unresolved = 0check-success=ci-gateRequired conditions to stay in the queue:
base=maindepends-on = Mergifyio/mergify-cli#1354[⛓️ fix(packaging): bundle LICENSE in wheel and sdist #1354]label!=manual mergetitle ~= ^(fix|feat|docs|style|refactor|perf|test|build|ci|chore|revert|ui)(?:\(.+\))?:#approved-reviews-by>=2author = dependabot[bot]author = mergify-ci-botauthor = renovate[bot]body ~= (?ms:.{48,})#changes-requested-reviews-by = 0#review-requested = 0#review-threads-unresolved = 0check-success=ci-gate