feat: add PyPI dev bootstrap release mode

[sipercai]

Description

Add a manual dev-bootstrap-new-projects mode to the LoongSuite release workflow.

This mode is intended for newly merged LoongSuite distributions whose PyPI project names do not exist yet. It:

• builds LoongSuite PyPI wheels with a unique PEP 440 dev version derived from the requested base version and GitHub run metadata;
• queries PyPI JSON for each LoongSuite distribution from the release manifest;
• keeps only wheels whose PyPI project does not already exist;
• supports the default dry_run=true preview mode;
• publishes kept wheels with PYPI_API_TOKEN through the existing pypi environment only when dry_run=false;
• skips release branch creation, GitHub Release creation, and post-release PR creation.

Operational note: this workflow uses PyPI API token publishing. The token must have permission to upload and create new PyPI projects. Pending Publishers are only required if the workflow is switched to OIDC Trusted Publishing. If manual approval is required before upload, configure required reviewers on the GitHub pypi environment.

Fixes # (issue)

Type of change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How Has This Been Tested?

• python3 -m py_compile scripts/loongsuite/select_new_pypi_projects.py
• uvx ruff@0.14.1 format --check scripts/loongsuite/select_new_pypi_projects.py
• uvx ruff@0.14.1 check scripts/loongsuite/select_new_pypi_projects.py
• Parsed .github/workflows/loongsuite-release.yml with yaml.BaseLoader
• Simulated a missing-project prune locally: an existing wheel was removed and a missing-project wheel was kept
• python3 <loongsuite-github-pipeline>/scripts/check_loongsuite_pr_readiness.py --repo .
• tox -e precommit

Does This PR Require a Core Repo Change?

• Yes. - Link to PR:
• No.

Checklist:

See contributing.md for styleguide, changelog guidelines, and more.

• Followed the style guidelines of this project
• Changelogs have been updated
  • Not applicable: this changes release automation and release documentation only.
• Unit tests have been added
  • Not applicable: this mode is a manually dispatched release workflow; focused local smoke checks and tox -e precommit were run.
• Documentation has been updated

[Copilot]

Pull request overview

This PR adds a manually-triggered “dev bootstrap” mode to the LoongSuite release workflow to pre-create newly added PyPI project names by publishing uniquely-versioned dev wheels only for distributions that don’t yet exist on PyPI.

Changes:

• Added mode=dev-bootstrap-new-projects to the GitHub Actions release workflow, including dev-version derivation, wheel pruning, and conditional publishing.
• Introduced a new helper script to detect missing PyPI projects via PyPI JSON and prune built wheels accordingly.
• Updated release documentation to describe the new dev-bootstrap workflow and PyPI publishing setup.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File	Description
scripts/loongsuite/select_new_pypi_projects.py	New script that queries PyPI and prunes dist-pypi/ wheels to only those whose projects don’t yet exist.
docs/loongsuite-release.md	Documents the dev-bootstrap mode and updates PyPI publishing guidance.
.github/workflows/loongsuite-release.yml	Adds the new workflow mode, jobs, inputs, and token-based publishing changes.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[github-actions]

This PR has been automatically marked as stale because it has not had any activity for 14 days. It will be closed if no further activity occurs within 14 days of this comment.
If you're still working on this, please add a comment or push new commits.

[ralf0131]

Review by github-manager-bot

Summary

Adds a manual dev-bootstrap-new-projects mode to the LoongSuite release workflow for reserving PyPI project names before a formal release. The workflow builds dev wheels with a PEP 440 dev version, queries PyPI JSON for existing projects, keeps only new-project wheels, and publishes them with dry_run=true by default.

Findings

• [Info] loongsuite-release.yml — The workflow correctly separates dev-bootstrap-build from the existing build job, using if conditions to gate on mode == 'dev-bootstrap-new-projects'. The concurrency group is correctly scoped per mode to prevent conflicts.
• [Info] loongsuite-release.yml — Good security practice: using env vars (INPUT_LOONGSUITE_VERSION, INPUT_UPSTREAM_VERSION) instead of inline ${{ }} expressions in run steps prevents script injection. The DEFAULT_UPSTREAM_VERSION env var is a clean default.
• [Info] select_new_pypi_projects.py — The PyPI JSON API query and wheel pruning logic is straightforward. The --dry-run flag correctly reports what would be published without actually removing files.
• [Warning] loongsuite-release.yml:dev-bootstrap-build — The dev version derivation ${BASE_VERSION}.dev${dev_number} where dev_number = GITHUB_RUN_NUMBER * 100 + GITHUB_RUN_ATTEMPT is unique per run, but PyPI rejects re-uploads of the same version. If a run is re-triggered (e.g., after a transient error), a new GITHUB_RUN_NUMBER ensures uniqueness. However, if the same run number is somehow reused (extremely unlikely), uploads will fail silently. The if-no-files-found: error on artifact upload is a good safeguard.
• [Info] docs/loongsuite-release.md — Clear documentation of the dev-bootstrap mode, including the note about PyPI API token permissions and Pending Publishers for future OIDC migration.

LGTM. Well-designed release automation with appropriate safety guards.

---

Automated review by github-manager-bot