Rename project to src-auth-perms-sync

.env.example

@@ -1,5 +1,5 @@
 # Environment variables can be provided in either an .env file, or the shell environment
-# Defaults match `uv run auth-perms-sync --help`
+# Defaults match `uv run src-auth-perms-sync --help`
 
 # .env file path is CLI-only: `--env-file PATH` (default: .env)
 
@@ -20,17 +20,17 @@ SRC_ACCESS_TOKEN="sgp_..."
 
 # Concurrent Sourcegraph API worker threads
 # Default: 32
-# AUTH_PERMS_SYNC_PARALLELISM=32
+# SRC_AUTH_PERMS_SYNC_PARALLELISM=32
 
 # Max attempts per HTTP request before giving up
 # Default: 5
-# AUTH_PERMS_SYNC_MAX_ATTEMPTS=5
+# SRC_AUTH_PERMS_SYNC_MAX_ATTEMPTS=5
 
 # With mutating commands: skip before/after snapshots and validation
 # Default: false
-# AUTH_PERMS_SYNC_NO_BACKUP=false
+# SRC_AUTH_PERMS_SYNC_NO_BACKUP=false
 
 # Seconds between logging compute resource samples
 # Default: 10
 # Set 0 to disable
-# AUTH_PERMS_SYNC_SAMPLE_INTERVAL=10
+# SRC_AUTH_PERMS_SYNC_SAMPLE_INTERVAL=10

.github/workflows/ci.yml

@@ -18,7 +18,7 @@ jobs:
     name: Build and test
     runs-on: ubuntu-24.04
     env:
-      PACKAGE_NAME: auth-perms-sync
+      PACKAGE_NAME: src-auth-perms-sync
       PYTHON_VERSION: "3.11"
       UV_VERSION: "0.11.7"
 
@@ -50,10 +50,10 @@ jobs:
         run: uv lock --check
 
       - name: Lint
-        run: uv run --frozen ruff check auth_perms_sync/ tests/
+        run: uv run --frozen ruff check src_auth_perms_sync/ tests/
 
       - name: Check formatting
-        run: uv run --frozen ruff format --check auth_perms_sync/ tests/
+        run: uv run --frozen ruff format --check src_auth_perms_sync/ tests/
 
       - name: Type check
         run: uv run --frozen pyright
@@ -62,7 +62,7 @@ jobs:
         run: uv run --frozen python -m unittest discover -s tests
 
       - name: Smoke test source checkout CLI
-        run: uv run --frozen auth-perms-sync --help >/tmp/auth-perms-sync-help.txt
+        run: uv run --frozen src-auth-perms-sync --help >/tmp/src-auth-perms-sync-help.txt
 
       - name: Build wheel
         run: |
@@ -74,12 +74,12 @@ jobs:
           python -m venv build/ci-venv
           . build/ci-venv/bin/activate
           python -m pip install --upgrade pip
-          python -m pip install dist/src_py_lib-*.whl dist/auth_perms_sync-*.whl
-          auth-perms-sync --help >/tmp/auth-perms-sync-installed-help.txt
-          python -m auth_perms_sync --help >/tmp/auth-perms-sync-module-help.txt
+          python -m pip install dist/src_py_lib-*.whl dist/src_auth_perms_sync-*.whl
+          src-auth-perms-sync --help >/tmp/src-auth-perms-sync-installed-help.txt
+          python -m src_auth_perms_sync --help >/tmp/src-auth-perms-sync-module-help.txt
 
       - name: Upload wheel artifact
         uses: actions/upload-artifact@v7
         with:
-          name: auth-perms-sync-wheel
+          name: src-auth-perms-sync-wheel
           path: dist/*.whl

.github/workflows/release.yml

@@ -34,17 +34,17 @@ jobs:
         include:
           - platform: linux-x86_64
             runs_on: ubuntu-24.04
-            asset_basename: auth-perms-sync-linux-x64
+            asset_basename: src-auth-perms-sync-linux-x64
             target_description: Linux x64
             expected_machine: x86_64
           - platform: macos-arm64
             runs_on: macos-26
-            asset_basename: auth-perms-sync-macos-arm64
+            asset_basename: src-auth-perms-sync-macos-arm64
             target_description: macOS arm64
             expected_machine: arm64
     env:
       ASSET_BASENAME: ${{ matrix.asset_basename }}
-      PACKAGE_NAME: auth-perms-sync
+      PACKAGE_NAME: src-auth-perms-sync
       PYTHON_VERSION: "3.11"
       TARGET_DESCRIPTION: ${{ matrix.target_description }}
       UV_VERSION: "0.11.7"
@@ -109,10 +109,10 @@ jobs:
           fi
 
           uv lock --check
-          uv run --frozen ruff check auth_perms_sync/
-          uv run --frozen ruff format --check auth_perms_sync/
+          uv run --frozen ruff check src_auth_perms_sync/
+          uv run --frozen ruff format --check src_auth_perms_sync/
           uv run --frozen pyright
-          uv run --frozen auth-perms-sync --help >/tmp/auth-perms-sync-help.txt
+          uv run --frozen src-auth-perms-sync --help >/tmp/src-auth-perms-sync-help.txt
 
       - name: Build wheelhouse tarball
         id: build
@@ -169,27 +169,27 @@ jobs:
           src_py_lib_wheel_name="$(basename "${src_py_lib_wheel_path}")"
 
           cat > "${wheelhouse_dir}/INSTALL.txt" <<EOF
-          # Auth perms sync ${release_tag} offline install
+          # src-auth-perms-sync ${release_tag} offline install
 
           This wheelhouse targets ${TARGET_DESCRIPTION} with Python 3.11.
 
           tar -xzf ${ASSET_BASENAME}.tar.gz
           python3.11 -m venv .venv
           . .venv/bin/activate
           pip install --no-index --find-links ./wheelhouse ${PACKAGE_NAME}
-          auth-perms-sync --help
+          src-auth-perms-sync --help
 
           Connected install, for environments that can reach GitHub and PyPI:
 
           pip install \
-            "https://github.com/sourcegraph/auth-perms-sync/releases/download/${release_tag}/${src_py_lib_wheel_name}" \
-            "https://github.com/sourcegraph/auth-perms-sync/releases/download/${release_tag}/${project_wheel_name}"
+            "https://github.com/sourcegraph/src-auth-perms-sync/releases/download/${release_tag}/${src_py_lib_wheel_name}" \
+            "https://github.com/sourcegraph/src-auth-perms-sync/releases/download/${release_tag}/${project_wheel_name}"
           EOF
 
           (cd "${wheelhouse_dir}" && shasum -a 256 *.whl > WHEELS.sha256)
 
           test -f "${project_wheel_path}"
-          test -f "${wheelhouse_dir}"/auth_perms_sync-*.whl
+          test -f "${wheelhouse_dir}"/src_auth_perms_sync-*.whl
           test -f "${wheelhouse_dir}"/src_py_lib-*.whl
           if find "${wheelhouse_dir}" -type f \
             ! -name '*.whl' \
@@ -228,7 +228,7 @@ jobs:
             --no-index \
             --find-links "${validation_dir}/wheelhouse" \
             "${PACKAGE_NAME}"
-          auth-perms-sync --help >/tmp/auth-perms-sync-release-help.txt
+          src-auth-perms-sync --help >/tmp/src-auth-perms-sync-release-help.txt
 
       - name: Write release notes
         id: notes
@@ -242,26 +242,26 @@ jobs:
 
           ### Restricted/offline Linux x64 + Python 3.11 install
 
-          Download \`auth-perms-sync-linux-x64.tar.gz\`, then run:
+          Download \`src-auth-perms-sync-linux-x64.tar.gz\`, then run:
 
           \`\`\`sh
-          tar -xzf auth-perms-sync-linux-x64.tar.gz
+          tar -xzf src-auth-perms-sync-linux-x64.tar.gz
           python3.11 -m venv .venv
           . .venv/bin/activate
           pip install --no-index --find-links ./wheelhouse ${PACKAGE_NAME}
-          auth-perms-sync --help
+          src-auth-perms-sync --help
           \`\`\`
 
           ### Restricted/offline macOS arm64 + Python 3.11 install
 
-          Download \`auth-perms-sync-macos-arm64.tar.gz\`, then run:
+          Download \`src-auth-perms-sync-macos-arm64.tar.gz\`, then run:
 
           \`\`\`sh
-          tar -xzf auth-perms-sync-macos-arm64.tar.gz
+          tar -xzf src-auth-perms-sync-macos-arm64.tar.gz
           python3.11 -m venv .venv
           . .venv/bin/activate
           pip install --no-index --find-links ./wheelhouse ${PACKAGE_NAME}
-          auth-perms-sync --help
+          src-auth-perms-sync --help
           \`\`\`
 
           The tarball includes this project, \`src-py-lib\`, and all runtime wheels.
@@ -271,8 +271,8 @@ jobs:
 
           \`\`\`sh
           pip install \
-            "https://github.com/sourcegraph/auth-perms-sync/releases/download/${release_tag}/${src_py_lib_wheel_name}" \
-            "https://github.com/sourcegraph/auth-perms-sync/releases/download/${release_tag}/${project_wheel_name}"
+            "https://github.com/sourcegraph/src-auth-perms-sync/releases/download/${release_tag}/${src_py_lib_wheel_name}" \
+            "https://github.com/sourcegraph/src-auth-perms-sync/releases/download/${release_tag}/${project_wheel_name}"
           \`\`\`
           EOF
           echo "path=${notes_path}" >> "${GITHUB_OUTPUT}"

.gitignore

@@ -8,6 +8,7 @@ __pycache__/
 *.py[oc]
 *.yaml
 auth-perms-sync-runs/
+src-auth-perms-sync-runs/
 build/
 dist/
 notes/
@@ -16,4 +17,4 @@ wheels/
 # Allow
 !.env.example
 !git-subtree/**
-!maps-example.yaml
+!maps-example.yaml

AGENTS.md

@@ -15,26 +15,26 @@ npx --no-install markdownlint-cli2 *.md
 ### Python files
 
 # Lint + auto-fix safe issues
-uv run ruff check auth_perms_sync/ --fix
+uv run ruff check src_auth_perms_sync/ --fix
 
 # Format
-uv run ruff format auth_perms_sync/
+uv run ruff format src_auth_perms_sync/
 
 # Type check
 uv run pyright
 
 # Basic test
-uv run auth-perms-sync --help
+uv run src-auth-perms-sync --help
 ```
 
 ## Testing
 
 - First run a dry-run (default behaviour, without `--apply` flag) against a Sourcegraph instance
 
 ```sh
-uv run auth-perms-sync [--get]
-uv run auth-perms-sync --set maps.yaml --full
-uv run auth-perms-sync --restore backups/<source>/<run>/before.json
+uv run src-auth-perms-sync [--get]
+uv run src-auth-perms-sync --set maps.yaml --full
+uv run src-auth-perms-sync --restore backups/<source>/<run>/before.json
 ```
 
 - Read the output, and evaluate the expected changes
@@ -43,7 +43,7 @@ uv run auth-perms-sync --restore backups/<source>/<run>/before.json
   - Read and evaluate the output for expected changes
   - Run with the `--restore` flag against the test instance
   - Always inspect the before / after snapshots in
-    `auth-perms-sync-runs/<endpoint>/backups/` afterward to confirm the diff matches what you expected
+    `src-auth-perms-sync-runs/<endpoint>/backups/` afterward to confirm the diff matches what you expected
 
 ## Hard invariants — do not break
 
@@ -83,7 +83,7 @@ organization sync maps SAML groups to Sourcegraph org membership. Read
 
 ## Layout
 
-CLI lives in `auth_perms_sync/`; invoke with `uv run auth-perms-sync`.
+CLI lives in `src_auth_perms_sync/`; invoke with `uv run src-auth-perms-sync`.
 Strict pyright covers the package. Root modules are entrypoints only:
 
 - `cli.py` — `main()`, arg parsing, owns the CLI description.