`uv publish` giving `Missing credentials for https://upload.pypi.org/legacy/`

[jamesbraza]

I moved from this GitHub Actions that publishes to PyPI using:

      - uses: pypa/gh-action-pypi-publish@release/v1
        with:
          password: ${{ secrets.PYPI_API_TOKEN }}

To this with uv==0.4.20:

      - run: uv publish
        env:
          UV_PUBLISH_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}

However, uv publish fails with:

warning: `uv publish` is experimental and may change without warning
Publishing 2 files https://upload.pypi.org/legacy/
Uploading ldp-0.10.0-py3-none-any.whl (90.7KiB)
error: Failed to publish `dist/repo-0.10.0-py3-none-any.whl` to https://upload.pypi.org/legacy/
  Caused by: Failed to send POST request
  Caused by: Missing credentials for https://upload.pypi.org/legacy/
Error: Process completed with exit code 2.

What am I doing wrong here? Also, I am thinking perhaps the stack could be made more user friendly

[charliermarsh]

\cc @konstin

[charliermarsh]

I think you need UV_PUBLISH_TOKEN instead?

[zanieb]

Yeah I think you want to set it via the token variable or provide a username (UV_PUBLISH_USERNAME=__token__)

[charliermarsh]

(If that's the issue, we should def have a custom error for this.)

[jamesbraza]

This worked indeed:

      - run: uv publish
        env:
---          UV_PUBLISH_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
+++          UV_PUBLISH_TOKEN: ${{ secrets.PYPI_API_TOKEN }}

It's slightly strange to me because pypa/gh-action-pypi-publish@release/v1 had password configured. I wonder if they automatically fail over from trying password to trying token.

So yes perhaps uv can nice-ify Missing credentials a bit

[charliermarsh]

Okay awesome. Yeah, let's fix up this error message etc.

[konstin]

it's unfortunate that pypa/gh-action-pypi-publish@release/v1 calls the token a password. We can catch using a password without a username in clap, I don't think we need to special case the password -> token migration: #8045.