Tags: security, travis-ci, pypi

How is Travis-Ci's pypi deployment secure?


When using travis-ci to deploy to pypi, the procedure is:

  1. Set up travis-ci account and connect a repository.
  2. In that repository, include a pypi deploy that looks like:

    deploy:
      provider: pypi
      user: "PYPI_USER"
      password:
        # value produced by `travis encrypt` with the repository's public key
        secure: "PYPI_PASSWORD_SECURED_WITH_TRAVIS_ENCRYPT"
      on:
        # only builds of tagged commits deploy to PyPI
        tags: true

How does the security model for this work? Why is it that someone else can't copy my user and password and deploy to that pip package?


Solution

How does the security model for this work?

Good enough. (You haven't signed a contract with me, so I cannot give any promise.)

Why is it that someone else can't copy my user and password and deploy to that pip package?

Because she cannot decrypt secret values encrypted by you. For each registered repository, Travis CI generates an RSA keypair — that is, values encrypted by your public key cannot be decrypted by intruders' private key, only your private key can decrypt them and the private keys are only accessible by Travis CI.
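The asymmetry the answer describes can be run end to end. The following Go program is an added example, not code from the question, the answer, or Travis CI itself; it uses Go's standard crypto/rsa to model a per-repository keypair, the `travis encrypt` step (public key only, base64 output for the `secure:` field), and the decryption that happens inside the build environment. The function names, the 2048-bit key size, and the choice of PKCS#1 v1.5 padding are assumptions made for this example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"encoding/base64"
	"errors"
	"fmt"
)

// GenerateRepoKey stands in for the per-repository RSA keypair Travis CI
// generates when a repository is enabled. Travis keeps the private half;
// only the public half is ever used on the developer's machine.
func GenerateRepoKey() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// EncryptSecret models what `travis encrypt` does locally: it needs only the
// repository's public key. The base64 string it returns is what goes into the
// `secure:` field of .travis.yml. (PKCS#1 v1.5 padding is an assumption here.)
func EncryptSecret(pub *rsa.PublicKey, secret string) (string, error) {
	ct, err := rsa.EncryptPKCS1v15(rand.Reader, pub, []byte(secret))
	if err != nil {
		return "", err
	}
	return base64.StdEncoding.EncodeToString(ct), nil
}

// DecryptSecret models what happens inside the Travis build environment:
// the `secure:` value is decrypted with the repository's private key.
// With any other private key the padding check fails and no plaintext is
// recovered, which is why a copied .travis.yml is useless to a third party.
func DecryptSecret(priv *rsa.PrivateKey, encoded string) (string, error) {
	ct, err := base64.StdEncoding.DecodeString(encoded)
	if err != nil {
		return "", err
	}
	pt, err := rsa.DecryptPKCS1v15(rand.Reader, priv, ct)
	if err != nil {
		return "", errors.New("decryption failed: wrong private key or corrupted value")
	}
	return string(pt), nil
}

// DemoCopiedConfig runs the scenario from the question: the repository owner
// encrypts a PyPI password, and someone who copied the .travis.yml tries to
// decrypt it with a keypair of their own. It returns what each side recovers.
func DemoCopiedConfig(password string) (ownerRecovered, intruderRecovered string, err error) {
	repoKey, err := GenerateRepoKey()
	if err != nil {
		return "", "", err
	}
	// Any key not held by Travis, e.g. one generated by the intruder.
	intruderKey, err := GenerateRepoKey()
	if err != nil {
		return "", "", err
	}
	secure, err := EncryptSecret(&repoKey.PublicKey, password)
	if err != nil {
		return "", "", err
	}
	ownerRecovered, err = DecryptSecret(repoKey, secure)
	if err != nil {
		return "", "", err
	}
	// Expected to fail; on error the recovered value is the empty string.
	intruderRecovered, _ = DecryptSecret(intruderKey, secure)
	return ownerRecovered, intruderRecovered, nil
}

func main() {
	// Constructed sample password, not a real credential.
	owner, intruder, err := DemoCopiedConfig("constructed-pypi-password")
	if err != nil {
		panic(err)
	}
	fmt.Printf("Travis (holds repo private key) recovers: %q\n", owner)
	fmt.Printf("Copy of config + other private key gives: %q\n", intruder)
}
```

The program shows the whole of what the `secure:` field protects: the ciphertext in the repository is public, but turning it back into the PyPI password requires the private key that only the Travis CI build environment holds. Whoever can run a build for that repository with secrets enabled gets the decrypted value, so the password is exactly as safe as that environment.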