html_url,issue_url,id,node_id,user,created_at,updated_at,author_association,body,reactions,performed_via_github_app,issue
https://github.com/pydata/xarray/issues/5232#issuecomment-830254596,https://api.github.com/repos/pydata/xarray/issues/5232,830254596,MDEyOklzc3VlQ29tbWVudDgzMDI1NDU5Ng==,221526,2021-04-30T17:42:09Z,2021-04-30T17:42:09Z,CONTRIBUTOR,"> We can avoid this by using the pypi github action thing to automatically build and upload when tagging a release on github. It uses a repo-level secret. Just a thought.

$0.02 from an outsider is that this has served us exceedingly well on MetPy. Our release process has become:
1. Close milestone
2. Adjust the auto-generated draft GitHub release (summary notes)
3. Click ""publish release"" -> packages uploaded to PyPI
4. Merge conda-forge update from their bots

It's almost *more* secure this way because the token from PyPI only has upload permissions--no need to store someone's password.","{""total_count"": 3, ""+1"": 3, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",,870292042