This is an automated email from the ASF dual-hosted git repository. ebenizzy pushed a commit to branch burr-0.42.0 in repository https://gitbox.apache.org/repos/asf/burr.git
commit 3a4ff0702a69eaea682017f1c420c30bed4adff5 Author: Elijah ben Izzy <[email protected]> AuthorDate: Sun Feb 1 20:44:53 2026 -0800 Add twine-check command for voter verification Add twine-check subcommand to allow voters to independently verify wheel metadata during release voting. This gives voters an additional tool to validate package quality beyond signature and license checks. --- scripts/verify_apache_artifacts.py | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/scripts/verify_apache_artifacts.py b/scripts/verify_apache_artifacts.py index f4861d32..61228e7a 100755 --- a/scripts/verify_apache_artifacts.py +++ b/scripts/verify_apache_artifacts.py @@ -40,6 +40,7 @@ Usage: """ import argparse +import glob import hashlib import os import shutil @@ -610,6 +611,35 @@ def cmd_list_contents(args) -> None: list_contents(args.artifact) +def cmd_twine_check(args) -> bool: + """Verify wheel metadata with twine.""" + _print_section("Verifying Wheel Metadata with Twine") + + wheel_pattern = f"{args.artifacts_dir}/apache_burr-*.whl" + wheel_files = glob.glob(wheel_pattern) + + if not wheel_files: + print(f"ā No wheel found matching: {wheel_pattern}") + return False + + for wheel_path in wheel_files: + print(f"\nChecking {os.path.basename(wheel_path)}...") + try: + subprocess.run( + ["twine", "check", wheel_path], + check=True, + capture_output=True, + text=True, + ) + print(f" ā {os.path.basename(wheel_path)} metadata is valid") + except subprocess.CalledProcessError as e: + print(f" ā Twine check failed: {e.stderr}") + return False + + print("\nā All wheels passed twine validation") + return True + + # ============================================================================ # CLI Entry Point # ============================================================================ @@ -683,6 +713,12 @@ Examples: help="Generate report but don't fail on license issues", ) + # twine-check subcommand + twine_parser = subparsers.add_parser("twine-check", help="Verify wheel metadata with twine") + twine_parser.add_argument( + "--artifacts-dir", default="dist", help="Directory containing artifacts (default: dist)" + ) + args = parser.parse_args() # Dispatch to command handler @@ -697,6 +733,8 @@ Examples: success = cmd_licenses(args) elif args.command == "all": success = cmd_all(args) + elif args.command == "twine-check": + success = cmd_twine_check(args) else: _fail(f"Unknown command: {args.command}") except KeyboardInterrupt:
