Skip to content

Package for PyPI: structure, release docs, and CI (#11, #12, #13)#19

Merged
CallMarcus merged 3 commits into
mainfrom
claude/issues-status-review-ll7hil
Jun 21, 2026
Merged

Package for PyPI: structure, release docs, and CI (#11, #12, #13)#19
CallMarcus merged 3 commits into
mainfrom
claude/issues-status-review-ll7hil

Conversation

@CallMarcus

Copy link
Copy Markdown
Owner

Summary

Converts the project from a flat script into an installable, PyPI-ready Python package, with release documentation and an automated test/CI scaffold. Delivers the doable work across the Phase 1–3 issues.

This is the keystone work that unblocks the remaining release tasks. Closes #11. Substantial progress on #12 and #13 (remaining items noted below).

What changed

#11 — Package structure (complete)

  • New domain_security_analyzer/ package: __init__, __version__, __main__, analyzer.py (core logic moved from domain_analyzer.py), and cli.py (argparse interface with --help/--version + the friendly dependency check).
  • domain_analyzer.py is now a thin backward-compatible shim — python domain_analyzer.py ... and from domain_analyzer import DomainAnalyzer still work.
  • pyproject.toml (setuptools build, metadata/classifiers/keywords/URLs, dynamic version, domain-analyzer console entry point) and MANIFEST.in.
  • .gitignore excludes build/dist/egg-info artifacts.

#12 — Release docs & metadata (doable parts)

  • CHANGELOG.md: tagged [1.0.0] entry in Keep a Changelog format.
  • README.md: PyPI/source install instructions, domain-analyzer / python -m usage, and badges.
  • New CONTRIBUTING.md and AUTHORS.md, shipped in the sdist via MANIFEST.in.
  • Package classifiers/keywords/project URLs (in pyproject.toml).

#13 — Testing & QA (scaffold)

  • tests/: pytest suite (23 tests) covering the public API/version, the legacy import shim, DomainAnalyzer pure logic (parent domain, external-resource and hash-algorithm detection, SRI counting/coverage), and end-to-end 29-column CSV writing with analyze_domain stubbed (no network); plus CLI parsing and --version/--help.
  • .github/workflows/ci.yml: matrix across ubuntu/windows/macos × Python 3.8–3.12 (install + pytest + entry-point smoke tests), and a separate build + twine check job.
  • dev optional-dependencies extra (pytest, build, twine).

Verification (local, Python 3.11)

  • pip install -e ".[dev]"
  • from domain_security_analyzer import DomainAnalyzer, domain-analyzer --help/--version, python -m domain_security_analyzer, legacy shim
  • pytest → 23 passed
  • ✅ end-to-end run still produces the 29-column CSV
  • python -m build + twine check → PASSED (wheel + sdist)

Out of scope / follow-ups

🤖 Generated with Claude Code


Generated by Claude Code

claude added 3 commits June 21, 2026 16:54
Restructure the project into a proper Python package suitable for PyPI:

- Add domain_security_analyzer/ package: __init__, __version__, __main__,
  analyzer (core logic moved from domain_analyzer.py), and cli (argparse
  interface with --help/--version plus the friendly dependency check).
- Replace domain_analyzer.py with a thin backward-compatible shim so
  `python domain_analyzer.py ...` and `from domain_analyzer import
  DomainAnalyzer` keep working.
- Add pyproject.toml (setuptools build, metadata/classifiers/keywords/URLs,
  dynamic version, `domain-analyzer` console entry point) and MANIFEST.in.
- Ignore build/dist/egg-info artifacts.

Verified: pip install -e ., `from domain_security_analyzer import
DomainAnalyzer`, `domain-analyzer --help/--version`, `python -m
domain_security_analyzer`, end-to-end 29-column CSV output, and
`python -m build` + `twine check` both pass.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01XYvSCw1sjoG2AHbLPCsX7S
Cover the doable parts of the Phase 2 release-docs issue:

- CHANGELOG.md: promote the Unreleased notes into a tagged v1.0.0 entry
  (Keep a Changelog format) covering packaging, SRI scanning, and wildcard
  filtering; add version compare links.
- README.md: add PyPI/source install instructions, the `domain-analyzer`
  console command and `python -m` usage, and PyPI/license badges.
- Add CONTRIBUTING.md (dev setup, layout, change workflow) and AUTHORS.md.
- Ship the new docs in the sdist via MANIFEST.in.

Package metadata (classifiers, keywords, project URLs) already landed in
pyproject.toml with #11. Verified `python -m build` and `twine check` pass
for both wheel and sdist.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01XYvSCw1sjoG2AHbLPCsX7S
Establish automated testing toward the Phase 3 QA issue:

- tests/: pytest suite covering the public API/version, the legacy import
  shim, DomainAnalyzer pure logic (parent domain, external-resource and
  hash-algorithm detection, SRI counting/coverage), and end-to-end 29-column
  CSV writing with analyze_domain stubbed (no network). Plus CLI tests for
  --version/--help and argument parsing.
- .github/workflows/ci.yml: matrix across ubuntu/windows/macos x Python
  3.8-3.12 that installs the package, runs pytest, and smoke-tests the entry
  points; a separate job runs `python -m build` + `twine check`.
- pyproject.toml: add a `dev` optional-dependencies extra (pytest, build,
  twine).

Note: the matrix starts at 3.8 (3.7 is EOL and unavailable on current GitHub
runners); requires-python remains >=3.7. Cross-platform/full-version
validation in the issue is delivered by CI rather than this container.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01XYvSCw1sjoG2AHbLPCsX7S
@CallMarcus
CallMarcus merged commit 735a9b4 into main Jun 21, 2026
17 checks passed
@CallMarcus
CallMarcus deleted the claude/issues-status-review-ll7hil branch June 21, 2026 17:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Package Structure & Configuration Setup

2 participants