Python | 發包 2018 入坑記錄

最近業務須要抽離，抽離出來的應用須要作成 Django 第三方包的形式，能夠在任何 Django（也沒那麼神奇，例若有些版本就沒測試）版本項目中，直接安裝使用，因此這裏仍是須要發包到 pypi。

第一次發包

我是先發到 test 環境 https://testpypi.python.org/，看下發包仍是不是符合個人預期，畢竟很長時間沒發過包。

twine upload  -r pypitest dist/django-xxxxx-0.0.1.tar.gz
Uploading distributions to https://test.pypi.org/legacy/
Uploading django-xxxxx-0.0.1.tar.gz
  0%|                                                                                                            | 0.00/18.5k [00:00<?, ?B/s]
SSLError: HTTPSConnectionPool(host='test.pypi.org', port=443): Max retries exceeded with url: /legacy/ (Caused by SSLError(SSLError(1, u'[SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version (_ssl.c:661)'),))

結果打臉，查了下資料，http://pyfound.blogspot.hk/20...，摘出來一部分

There are two deadlines to upgrade your Python to a version with the latest TLS. The first comes soon, on April 30, 2017, when python.org sites without Extended Validation Certificates will stop supporting TLS 1.0 and 1.1. These sites include:

testpypi.python.org
test.pypi.org
files.pythonhosted.org

大意是什麼呢，意思就是提醒趕忙升級 python，那個後面只會只支持使用 TLS 1.2 版本的協議，低版本的再也不支持了，很不幸，testpypi.python.org 這個測試站點中止支持 TLS 1.0 和 1.1

接着按照給出的例子，本身測了下

python -m pip install --upgrade requests
python -c "import requests; print(requests.get('https://www.howsmyssl.com/a/check', verify=False).json()['tls_version'])"

TLS 1.0

If you see "TLS 1.2", your interpreter's TLS is up to date. If you see "TLS 1.0" or an error like "tlsv1 alert protocol version", then you must upgrade. ↩

第二次發包

按照文檔上講的，個人 python 過期了，那就直接升到 2.7.14；升完再跑一遍

python -c "import requests; print(requests.get('https://www.howsmyssl.com/a/check', verify=False).json()['tls_version'])"
/Users/allen/Develop/py3env/lib/python3.6/site-packages/urllib3/connectionpool.py:858: InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings
  InsecureRequestWarning)
TLS 1.2

這下是否能夠省心了，繼續個人發包

twine upload  -r pypitest dist/django-xxxxx-0.0.1.tar.gz
Uploading distributions to https://test.pypi.org/legacy/
Uploading django-xxxxx-0.0.1.tar.gz
  0%|                                                                                                            | 0.00/18.5k [00:00<?, ?B/s]
SSLError: HTTPSConnectionPool(host='test.pypi.org', port=443): Max retries exceeded with url: /legacy/ (Caused by SSLError(SSLError(1, u'[SSL: TLSV1_ALERT_PROTOCOL_VERSION] tlsv1 alert protocol version (_ssl.c:661)'),))

很不幸，繼續躺着，谷歌了下 pip install pyOpenSSL 若是已經安裝了，更新下，保險；

第三次發包

twine upload  -r pypitest dist/django-xxxxx-0.0.1.tar.gz
Uploading distributions to https://test.pypi.org/legacy/
Uploading django-xxxxx-0.0.1.tar.gz
100%|███████████████████████████████████████████████████████████████████████████████████████████████████| 18.5k/18.5k [00:08<00:00, 2.13kB/s]

終於跑起來了，小結下

• 若是 Python 版本低，升級
• 若是 pyOpenSSL 版本低，升級
• 若是 requests 版本低，升級