From 22c38e20744a6e64f08ba01ea99ee57a2136a511 Mon Sep 17 00:00:00 2001
From: Erick Friis <erick@langchain.dev>
Date: Thu, 31 Oct 2024 15:24:15 -0700
Subject: [PATCH] infra: disable pypi release attestations (#115)

---
 .github/workflows/_release.yml      | 2 ++
 .github/workflows/_test_release.yml | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/.github/workflows/_release.yml b/.github/workflows/_release.yml
index 4cc28648..c2ec5f94 100644
--- a/.github/workflows/_release.yml
+++ b/.github/workflows/_release.yml
@@ -221,6 +221,8 @@ jobs:
           packages-dir: ${{ inputs.working-directory }}/dist/
           verbose: true
           print-hash: true
+          # Temp workaround since attestations are on by default as of gh-action-pypi-publish v1\.11\.0
+          attestations: false
 
   mark-release:
     needs:
diff --git a/.github/workflows/_test_release.yml b/.github/workflows/_test_release.yml
index f49e5051..a57496b4 100644
--- a/.github/workflows/_test_release.yml
+++ b/.github/workflows/_test_release.yml
@@ -93,3 +93,5 @@ jobs:
           # This is *only for CI use* and is *extremely dangerous* otherwise!
           # https://github.com/pypa/gh-action-pypi-publish#tolerating-release-package-file-duplicates
           skip-existing: true
+          # Temp workaround since attestations are on by default as of gh-action-pypi-publish v1.11.0
+          attestations: false