Anyone can register and upload packages to PyPI provided that he or she has an account registered. Packages are bound to the user, so, by default, only the user that registered the name of the package is its admin and can upload new distributions. This could be a problem for bigger projects, so there is an option to mark other users as package maintainers so that they are able to upload new distributions too.
The easiest way to upload a package is to use the following upload command of the setup.py script:
$ python setup.py <dist-commands> upload
Here, <dist-commands> is a list of commands that creates distributions to upload. Only distributions created during the same setup.py execution will be uploaded to the repository. So, if you upload source distribution, built distribution, and wheel package at once, then you need to issue the following command:
$ python setup.py sdist bdist bdist_wheel upload
When uploading using setup.py, you cannot reuse distributions that were already built in previous command calls and are forced to rebuild them on every upload. This may be inconvenient for large or complex projects where creation of the actual distribution may take a considerable amount of time. Another problem of setup.py upload is that it can use plain text HTTP or unverified HTTPS connections on some Python versions. This is why Twine is recommended as a secure replacement for the setup.py upload command.
Twine is the utility for interacting with PyPI that currently serves only one purpose—securely uploading packages to the repository. It supports any packaging format and always ensures that the connection is secure. It also allows you to upload files that were already created, so you are able to test distributions before release. The following example usage of twine still requires invoking the setup.py script for building distributions:
$ python setup.py sdist bdist_wheel
$ twine upload dist/*
Let's see what .pypric is in the next section.