The main-branch publish workflow currently writes bundle release sidecar files into the same dist/ directory used for Python package distributions.
That causes pypa/gh-action-pypi-publish to scan non-distribution files such as policyengine-bundle-<version>.citation.txt and fail with an InvalidDistribution error, even after bundle package metadata verification succeeds.
Expected behavior:
dist/ should contain only PyPI-uploadable artifacts, such as the wheel and sdist.
- Bundle sidecars, including the exported bundle JSON, constraints file, citation file, and verification JSON, should be written to a separate release asset directory.
- The PyPI publish action should publish only from
dist/.
- The GitHub Release creation step should upload bundle sidecars from the separate release asset directory.
The main-branch publish workflow currently writes bundle release sidecar files into the same
dist/directory used for Python package distributions.That causes
pypa/gh-action-pypi-publishto scan non-distribution files such aspolicyengine-bundle-<version>.citation.txtand fail with anInvalidDistributionerror, even after bundle package metadata verification succeeds.Expected behavior:
dist/should contain only PyPI-uploadable artifacts, such as the wheel and sdist.dist/.