docs: PyPI publishing guide + quality-gates/CI-CD overview #47
Merged
Point 6: the root README now has a "Quality gates & CI/CD" section that enumerates, in one place, every gate this repo demonstrates (the check-ci sequence plus gitleaks/SonarCloud/CodeQL) and the CI/CD it models (continuous release on merge, supply-chain pinning, the branch/tag rulesets, and the repo_audit self-guarding), so a visitor sees what is demonstrated at a glance.

Point 5: docs/publishing-to-pypi.md shows template adopters how to publish to PyPI (this repo deliberately does not). It leads with Trusted Publishing (OIDC, no tokens) via pypa/gh-action-pypi-publish, an API-token fallback, a TestPyPI step, and links to the official Python Packaging, PyPI, and uv docs. Linked from the README Releases section.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Code Coverage Overview
Languages: Python
Python / code-coverage/pytest
The overall coverage remains at 89%, unchanged from the branch.
Pull request overview
Adds documentation to help template adopters understand the repo’s CI/quality gate model at a glance and provides a step-by-step PyPI publishing guide (while keeping this template GitHub-Releases-only).
Changes:
- Add a “Quality gates & CI/CD” section to the root README, including a gate list/table and a short CI/CD overview.
- Add `docs/publishing-to-pypi.md` describing Trusted Publishing (OIDC) first, with TestPyPI and API-token fallback guidance.
- Link the new PyPI publishing guide from the README’s Releases section.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| `README.md` | Documents the repo’s demonstrated quality gates and CI/CD model; adds link to the new PyPI publishing guide. |
| `docs/publishing-to-pypi.md` | New guide describing how to publish to PyPI via GitHub Actions (Trusted Publishing recommended). |



What & why
`check-ci` sequence as a table, plus gitleaks / SonarCloud / CodeQL) and the CI/CD it models (continuous release on merge, supply-chain pinning, branch/tag rulesets, and `repo_audit` self-guarding) — so a visitor sees what's demonstrated at a glance.

`docs/publishing-to-pypi.md`: a guide for template adopters (this repo deliberately does not publish to PyPI). Leads with Trusted Publishing (OIDC, no tokens) via `pypa/gh-action-pypi-publish`, with an API-token fallback, a TestPyPI step, and links to the official Python Packaging / PyPI / uv docs. Linked from the README Releases section.

Docs only.
🤖 Generated with Claude Code
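
A workflow of the kind the description above summarizes, as an added example (not the contents of `docs/publishing-to-pypi.md` and not code from this repository). It shows Trusted Publishing with the OIDC permission scoped to the publish jobs only, a TestPyPI step first, and the API-token fallback commented out. The file name, the release trigger, the environment names `testpypi` / `pypi`, and the secret name `PYPI_API_TOKEN` are assumptions.

```yaml
# Hypothetical .github/workflows/publish.yml for a template adopter (added example).
name: publish
on:
  release:
    types: [published]          # assumed trigger; adapt to your release flow

permissions:
  contents: read                # workflow default: read-only, no OIDC token

jobs:
  build:                        # builds with no publishing rights at all
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4        # tags shown for readability; pin each
      - uses: astral-sh/setup-uv@v5      # action to a full commit SHA in real use
      - run: uv build                    # writes the sdist and wheel to dist/
      - uses: actions/upload-artifact@v4
        with:
          name: dist
          path: dist/

  testpypi:                     # rehearsal upload before the real index
    needs: build
    runs-on: ubuntu-latest
    environment: testpypi       # must match the trusted publisher set on TestPyPI
    permissions:
      id-token: write           # lets this job request the short-lived OIDC token
    steps:
      - uses: actions/download-artifact@v4
        with: { name: dist, path: dist/ }
      - uses: pypa/gh-action-pypi-publish@release/v1
        with:
          repository-url: https://test.pypi.org/legacy/

  pypi:
    needs: testpypi
    runs-on: ubuntu-latest
    environment: pypi           # must match the trusted publisher set on PyPI
    permissions:
      id-token: write           # no stored secret: identity comes from OIDC
    steps:
      - uses: actions/download-artifact@v4
        with: { name: dist, path: dist/ }
      - uses: pypa/gh-action-pypi-publish@release/v1
        # API-token fallback: drop id-token above and pass a project-scoped token.
        # with:
        #   password: ${{ secrets.PYPI_API_TOKEN }}
```

Keeping `id-token: write` off the build job means the code that runs the project's build backend never holds publishing rights; only the jobs that upload the already-built artifacts do.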