Allow pypi password to be specified on the console

[ccmaymay]

Some people don't like to save passwords in cleartext on disk. If a password is not specified in .pypirc could it be read and passed on from the console, e.g., using getpass?

[reinout]

I don't know, actually. We use "twine" for the actual upload. Twine apparently supports keychain and prompt:

https://github.com/pypa/twine/blob/3efd3b5d2715f537096b95cb2e6853e02990b059/twine/utils.py

Could be worth a try. I don't know if it works if twine starts prompting (as in: do we capture the prompt or does it 'just work'). If twine works OK, it might still be that we need to disable a check we do on the .pypirc ourselves.

[ccmaymay]

With no password set in .pypirc I get the following during a release:

Upload to pypi (Y/n)? Y
Uploading concrete-4.12.8.dev0.tar.gz
[================================] 200134/200134 - 00:00:00
Response status code: 401
Reason: You must be identified to edit package information
There were errors or warnings.
ERROR: Package upload has failed.
None
Retry this command? [Yes/no/quit/?]

(There is no prompt for a password.)

[brainwane]

keyring support might be the way to go here.