no mention whatsoever of testpypi.python.org in docs

[zzzeek]

the top tool recommendations page recommends using twine for secure uploads, when we look at the front page for twine we see a super simple "twine upload" command, with no mention whatsoever that it will ignore your "sign" directive in setup.cfg and needs to be explicit, and due to the completely silent and has never been that way for 10 years behavior that a package upload is effectively permanently uses that name forever you've now screwed yourself. Per dstufft, the solution is that everyone should be using testpypi until they are fully confident that their exactly-one-chance-to-get-it-right-permanent-forever upload command will work as expected. This recommendation needs to be plastered all over pypi and its tools everywhere because the new policy about "mistakes are forever" makes this absolutely Critical!!

[brainwane]

@zzzeek Thank you for your bug report. I've referred to this several times as I've improved or learned more about packaging documentation. I have an open issue for Twine pypa/twine#11 to make Twine's usage and README information clearly say that users should use Test PyPI first. And https://packaging.python.org/tutorials/distributing-packages/#uploading-your-project-to-pypi mentions that the reader "might prefer training with the PyPI test site" although I think the recommendation should be stronger.

I wrote in more detail about the current state of Warehouse (the new PyPI) and linked to open issues requesting dry-run tools and staging areas in pypa/packaging-problems#74 (comment) .

[hugovk]

There's now a dedicated guide page to TestPyPI and it's mentioned on other pages too:

https://packaging.python.org/guides/using-testpypi/

Is this enough to close this issue?