docs: prepare public distribution path #6

Merged: saagpatel merged 1 commit into main from codex/public-pypi-readiness on May 18, 2026

@saagpatel
Owner

What

  • Documents GitHub Releases as the supported public distribution channel and adds a PyPI activation checklist.
  • Makes PyPI upload explicitly opt-in via scripts/release.sh --publish-pypi and moves make release to artifact preparation only.
  • Adds PyPI-ready package metadata plus tests that guard the public distribution policy.

Why

  • The project is public now, so the install and publishing story needs to be clear and hard to misuse.
  • PyPI should remain a deliberate future activation step, not something a local credential can trigger accidentally.

How

  • Updated release helper defaults, Makefile targets, README/release docs, changelog, issue template, and pyproject metadata.
  • Added a focused distribution-policy test for package metadata, PyPI opt-in behavior, and docs alignment.

Testing

  • ruff check src/ tests/
  • python3 -m pytest tests/test_distribution_policy.py tests/test_versioning.py -q -p no:cacheprovider
  • python3 -m pytest -q -p no:cacheprovider
  • bash scripts/release.sh
  • make release
  • ./dist/audit.pyz --help

Performance Impact

  • None expected; packaging/docs/test-only changes.

Risk / Notes

  • PyPI publishing remains inactive until the project owner configures PyPI/Trusted Publishing or credentials and explicitly runs make publish-pypi.

- document GitHub Releases as the supported public channel
- make PyPI publishing explicitly opt-in
- add package metadata and distribution policy checks

Tests: ruff check src/ tests/; python3 -m pytest -q -p no:cacheprovider; bash scripts/release.sh; make release; ./dist/audit.pyz --help

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 1ebd0e6738

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread scripts/release.sh
@@ -1,23 +1,32 @@
#!/usr/bin/env bash
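
Review bot: the `#!/usr/bin/env bash` shebang on line 1 of scripts/release.sh only takes effect when the file is run directly, but the PR's Testing list runs the helper as `bash scripts/release.sh`, which succeeds whether or not the file is executable. Add a direct `./scripts/release.sh` run to the test steps so the documented `scripts/release.sh --publish-pypi` form is actually exercised.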

P2: Restore executable bit on release helper

With this commit the file mode changes from 100755 to 100644, so the documented direct invocation path (scripts/release.sh --publish-pypi in the updated release docs and the script's shebang-based usage) now fails with Permission denied on a normal checkout. Either keep the helper executable or make all docs/targets consistently invoke it via bash.

Useful? React with 👍 / 👎.
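
The mode regression described in the review comment above (100755 to 100644) is the kind of drift a policy test can catch. The following is an added example, not code from this repository or from Codex: it parses `git ls-files --stage` output and reports documented entry points that are not tracked as 100755. The `MUST_BE_EXECUTABLE` set, the function names and the sample listings are assumptions made for illustration.

```python
import subprocess

# Paths the docs tell users to run directly (assumed list for this example).
MUST_BE_EXECUTABLE = {"scripts/release.sh"}


def parse_stage(listing):
    """Map path -> git mode from `git ls-files --stage` output.

    Each line has the form '<mode> <object> <stage>\\t<path>'. Paths with
    unusual characters are quoted by git unless -z is used; not handled here.
    """
    modes = {}
    for line in listing.splitlines():
        if not line.strip():
            continue
        meta, path = line.split("\t", 1)
        modes[path] = meta.split()[0]
    return modes


def missing_exec_bit(listing, required=MUST_BE_EXECUTABLE):
    """Return required paths that are untracked or not tracked as 100755."""
    modes = parse_stage(listing)
    return sorted(p for p in required if modes.get(p) != "100755")


def tracked_listing(repo="."):
    """Read the index of a real checkout (needs git on PATH)."""
    return subprocess.run(
        ["git", "-C", repo, "ls-files", "--stage"],
        check=True, capture_output=True, text=True,
    ).stdout


# Constructed sample listings; the object ids are placeholders, not real hashes.
BEFORE = (
    "100755 " + "a" * 40 + " 0\tscripts/release.sh\n"
    "100644 " + "b" * 40 + " 0\tMakefile\n"
)
# Same index after a commit that drops the executable bit on the helper.
AFTER = BEFORE.replace("100755", "100644", 1)

if __name__ == "__main__":
    print("before:", missing_exec_bit(BEFORE))
    print("after: ", missing_exec_bit(AFTER))
```

In a pytest policy test, `assert missing_exec_bit(tracked_listing()) == []` fails the build as soon as a documented entry point loses its executable bit.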

@saagpatel saagpatel merged commit 5ec5df8 into main May 18, 2026
1 check passed
@saagpatel saagpatel deleted the codex/public-pypi-readiness branch May 18, 2026 08:45