artifacts-keyring

v0.3.1

"Automatically retrieve credentials for Azure Artifacts."

PyPI

README

GitHub

MIT

Latest version published 2 months ago

    pip install artifacts-keyring

We couldn't find any similar packages Browse all packages

Package Health Score

73 / 100

Popularity
Recognized
Maintenance
Healthy
Security
Security review needed
Community
Sustainable

Make sure the open source you're using is safe to use

Secure my Project

Popularity

Recognized

Total Weekly Downloads (25,450)

Dependents: 0
GitHub Stars: 8
Forks: 11
Contributors: 8

The PyPI package artifacts-keyring receives a total of 25,450 downloads a week. As such, we scored artifacts-keyring popularity level to be Recognized.

Based on project statistics from the GitHub repository for the PyPI package artifacts-keyring, we found that it has been starred 8 times, and that 0 other projects in the ecosystem are dependent on it.

The download numbers shown are the average weekly downloads from the last 6 weeks.

Security

Security review needed

Security and license risk for latest version

Version: 0.3.1 See all versions
Release Date: 01/2021
Direct Vulnerabilities: 0
H

0
M

0
L
Indirect Vulnerabilities: 0
H

2
M

0
L
License Risk: 0
H

2
M

0
L

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Indirect License Risks

artifacts-keyring@0.3.1
- requests@2.25.1
  - certifi@2020.12.5 M

artifacts-keyring@0.3.1
- requests@2.25.1
  - chardet@4.0.0 M

License

MIT

Security Policy

We found a way for you to contribute to the project! Looks like artifacts-keyring is missing a security policy.

A security vulnerability was detected in an indirect dependency that is added to your project when the latest version of artifacts-keyring is installed.

We highly advise you to review these security issues.

You can connect your project's repository to Snyk to stay up to date on security alerts and receive automatic fix pull requests.

Fix it in your project with Snyk!

Maintenance

Healthy

Commit Frequency

Open Issues: 12
Merged PR: 14
Open PR: 1
Last Commit: 2 months ago

Further analysis of the maintenance status of artifacts-keyring based on released PyPI versions cadence, the repository activity, and other data points determined that its maintenance is Healthy.

We found that artifacts-keyring demonstrates a positive version release cadence with at least one new version released in the past 3 months.

In the past month we didn't find any pull request activity or change in issues status has been detected for the GitHub repository.

Community

Sustainable

Readme: Yes
Contributing.md: No
Code of Conduct: Yes
Contributors: 8
Funding: No

This project has seen only 10 or less contributors.

Embed Package Health Score Badge

Package

Python Versions Compatibility: !=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,>=2.7

Age: 2 years
Latest Release: 2 months ago
Dependencies: 2 Direct / 15 Total
Versions: 6
Maintainers: 2
Wheels: OS Independent

artifacts-keyring

The artifacts-keyring package provides authentication for publishing or consuming Python packages to or from Azure Artifacts feeds within Azure DevOps.

This package is an extension to keyring, which will automatically find and use it once installed.

Both pip and twine will use keyring to find credentials.

Installation

To install this package, run the following pip command:

pip install artifacts-keyring

Usage

Requirements

To use artifacts-keyring to set up authentication between pip/twine and Azure Artifacts, the following requirements must be met:

pip version 19.2 or higher
twine version 1.13.0 or higher
python version 3.0 or higher
.Net Core runtime is installed. Refer to here for installation guideline.

Publishing packages to an Azure Artifacts feed

Once artifacts-keyring is installed, to publish a package, use the following twine command, replacing <org_name> and <feed_name> with your own:

twine upload --repository-url https://pkgs.dev.azure.com/<org_name>/_packaging/<feed_name>/pypi/upload <package_wheel_or_other_dist_format>

Installing packages from an Azure Artifacts feed

Once artifacts-keyring is installed, to consume a package, use the following pip command, replacing <org_name> and <feed_name> with your own, and <package_name> with the package you want to install:

pip install <package_name> --index-url https://pkgs.dev.azure.com/<org_name>/_packaging/<feed_name>/pypi/simple

Advanced configuration

The artifacts-keyring package is layered on top of our Azure Artifacts Credential Provider. Check out that link to the GitHub repo for more information on configuration options.

Environment variables

ARTIFACTS_KEYRING_NONINTERACTIVE_MODE: Controls whether the underlying credential provider can issue interactive prompts.

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.

When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Last updated on 28 February-2021, at 08:29 (UTC).

artifacts-keyring

"Automatically retrieve credentials for Azure Artifacts."

Package Health Score

Popularity

Total Weekly Downloads (25,450)

Security

Security and license risk for latest version

certifi

chardet

Maintenance

Commit Frequency

Community

Embed Package Health Score Badge

Package

artifacts-keyring

Installation

Usage

Requirements

Publishing packages to an Azure Artifacts feed

Installing packages from an Azure Artifacts feed

Advanced configuration

Environment variables

Contributing

artifacts-keyring dependencies

What is artifacts-keyring?

Is artifacts-keyring safe to use?

Is artifacts-keyring well maintained?