Bumps [certifi](https://github.com/certifi/python-certifi) from 2022.9.24 to 2022.12.7.
- [Release notes](https://github.com/certifi/python-certifi/releases)
- [Commits](certifi/python-certifi@2022.09.24...2022.12.07)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

…-2022.12.7

updates:
- [github.com/asottile/add-trailing-comma.git: v2.3.0 → v2.4.0](https://github.com/asottile/add-trailing-comma.git/compare/v2.3.0...v2.4.0)
- [github.com/PyCQA/isort.git: 5.10.1 → 5.11.4](https://github.com/PyCQA/isort.git/compare/5.10.1...5.11.4)
- [github.com/python-jsonschema/check-jsonschema.git: 0.18.3 → 0.19.2](https://github.com/python-jsonschema/check-jsonschema.git/compare/0.18.3...0.19.2)
- [github.com/pre-commit/pre-commit-hooks.git: v4.3.0 → v4.4.0](https://github.com/pre-commit/pre-commit-hooks.git/compare/v4.3.0...v4.4.0)
- [github.com/codespell-project/codespell: v2.2.1 → v2.2.2](codespell-project/codespell@v2.2.1...v2.2.2)
- [github.com/PyCQA/flake8.git: 4.0.1 → 6.0.0](https://github.com/PyCQA/flake8.git/compare/4.0.1...6.0.0)
- [github.com/PyCQA/pylint.git: v2.15.3 → v2.15.9](https://github.com/PyCQA/pylint.git/compare/v2.15.3...v2.15.9)

Bumps [cryptography](https://github.com/pyca/cryptography) from 38.0.4 to 39.0.1.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@38.0.4...39.0.1)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

…raphy-39.0.1

Bump cryptography from 38.0.4 to 39.0.1 in /requirements

The previous version had a Poetry packaging problem. This patch
fixes that.

Before this patch, the warning would say that the token was
expected to start with `pypi-` but it may be unobvious. With this
change, the end-users are warned when they're passing a completely
empty password value.

Fixes #25.

This patch implements displaying a warning when the password
input passed in to the action is empty.

Up until now, the action input names followed the snake_case naming
pattern that is well familiar to the pythonistas. But in GitHub
actions, the de-facto standard is using kebab-case, which is what
this patch achieves.
This style helps make the keys in YAML better standardized and
distinguishable from other identifiers.
The old snake_case names remain functional for the time being and will
not be removed until at least v3 release of this action.

This patch normalizes the action inputs to be kebab-case while keeping
the old snake_case fallbacks working.

The previous release didn't take into account the action defaults so
the promised fallbacks for the old input names didn't work. This patch
corrects that mistake.

Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>

This patch implements support for secret-less OIDC-based publishing to
PyPI-like package indexes. The OIDC flow is activated when neither
username, nor password action inputs are set.

The OIDC "token exchange," is an authentication technique that PyPI
(and TestPyPI, and hopefully some future others) supports as an
alternative to long-lived username/password combinations or API
tokens.

OIDC token exchange boils down to the following set of steps:

1. A user (currently only someone in the OIDC beta on PyPI) configured
   a particular GitHub Actions workflow in their repository as a
   trusted OIDC publisher;
2. That workflow uses this action to mint an OIDC token;
3. That OIDC token is sent to PyPI (or another index), which exchanges
   it for a temporary API token;
4. That API token is used as normal.

For the seamless configuration-free upload to work, the end-users are
expected to explicitly assign the `id-token: write` privilege to the
auto-injected `GITHUB_TOKEN` secret on the job level. They should also
set up GHA workflow trust on the PyPI side.

PyPI's documentation: https://pypi.org/help/#openid-connect
Beta test enrollment: pypi/warehouse#12965

close: #130

This patch fixes the default PyPI upload URL in the action metadata — a regression that happened in v1.8.0.