what does `twine upload dist/*` command do?

Question

I apologize in advance since this seems like a basic question...

I am trying to learn using mujoco(link here), and inside its python binding Makefile it has:

upload:
   rm -rf dist
   python setup.py sdist
   twine upload dist/*

What does twin upload dist/* command do? In addition, this asks me for a username and password like this:

Uploading distributions to https://pypi.python.org/pypi
Enter your username: guest
Enter your password: 
Uploading mujoco-py-0.5.7.tar.gz
HTTPError: 401 Client Error: You must be identified to edit package information for url: https://pypi.python.org/pypi
Makefile:2: recipe for target 'upload' failed

Is this asking for my computer username and password?

Answer 1

Twine is a commonly used system for uploading project builds to PyPI (the Python Package Index).

It will take care of securely transferring your project's build artifacts, in either wheel, sdist, etc. formats to PyPI or some other user defined index server.

When you specify twine upload <files>, twine will attempt to upload said files to PyPI, but in order to do so, it will require you to authenticate yourself. This is because PyPI wants to protect a project from having their advertised packages "hijacked" by a ne'er-do-well. In order for this step to proceed, you would have to give credentials that are marked as authoritative for the project that your uploaded project artifacts belong to.

It looks like the mujoco project's Makefile includes a target to ease in uploading updates of the project to PyPI by utilizing the Twine application. This target would only be meant to be used by the package maintainer(s).

Oh, and in case you were wondering, the python setup.py sdist command is what makes a source code artifact that can be uploaded to PyPI. It will place this artifact in the ./build/ directory as project-name_version.tar.gz.