Skip to content

hatch publish and twine upload not recognizing .pypirc credentials #73

@idanmoradarthas

Description

@idanmoradarthas

Description

When attempting to publish the package to PyPI using either hatch publish or twine upload dist/*, I'm being prompted to enter username and password despite having a .pypirc file with API token credentials.

Root Cause

The .pypirc file is located in the project folder, but both Hatch and Twine expect it to be in the user's home directory by default:

  • Windows: %USERPROFILE%\.pypirc (e.g., C:\Users\YourUsername\.pypirc)
  • Linux/Mac: ~/.pypirc

Additionally, the .pypirc uses a custom index server name [data-science-utils] instead of the standard [pypi] name.

Current .pypirc Configuration

Located in project folder:

[distutils]
index-servers =
    data-science-utils

[data-science-utils]
repository = https://upload.pypi.org/legacy/
username = __token__
password = pypi-<actual-token>

Proposed Solutions

Option 1: Move .pypirc to Home Directory (Standard Approach)

  1. Move .pypirc from project folder to home directory
  2. Update the configuration to use standard [pypi] name:
[distutils]
index-servers =
    pypi

[pypi]
repository = https://upload.pypi.org/legacy/
username = __token__
password = pypi-<actual-token>
  1. Add .pypirc to .gitignore (if not already present)
  2. Keep using hatch publish in deploy-pypi.bat

Pros: Standard convention, works with all tools
Cons: Requires moving file outside project directory

Option 2: Use Twine with Custom Config File (Recommended for Project-Local Credentials)

Update deploy-pypi.bat to use Twine's --config-file flag:

IF EXIST dist rmdir /s /q dist
hatch build
twine upload --config-file .pypirc dist/*

Update .pypirc to use standard [pypi] name:

[distutils]
index-servers =
    pypi

[pypi]
repository = https://upload.pypi.org/legacy/
username = __token__
password = pypi-<actual-token>

Pros: Keeps credentials in project folder, works with existing setup
Cons: Relies on Twine instead of Hatch for publishing
Note: Hatch does not support custom .pypirc locations

Option 3: Use Environment Variables with Hatch

Update deploy-pypi.bat:

IF EXIST dist rmdir /s /q dist
hatch build
set HATCH_INDEX_USER=__token__
set HATCH_INDEX_AUTH=pypi-<actual-token>
hatch publish

Pros: No config file needed, keeps using Hatch
Cons: Token in script file (must be kept secure)

Option 4: Use System Keyring

Install and configure keyring:

pip install keyring
keyring set https://upload.pypi.org/legacy/ __token__

Then enter the token when prompted. After that, hatch publish will use the keyring automatically.

Pros: Most secure, credentials stored in system keyring
Cons: Requires one-time manual setup per machine

Recommendation

Use Option 2 (Twine with --config-file) since:

  • Twine is already in dev dependencies
  • Allows keeping .pypirc in project folder (just ensure it's in .gitignore)
  • Simple one-line change to deploy-pypi.bat
  • Works immediately without additional setup

Action Items

  • Decide on preferred solution approach
  • Update .pypirc section name from [data-science-utils] to [pypi]
  • Verify .pypirc is in .gitignore
  • Update deploy-pypi.bat based on chosen solution
  • Test publishing workflow

Metadata

Metadata

Labels

bugSomething isn't working

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions