Summary
Prepare pysatl-core repository for the first alpha release without publishing anything yet.
Problems
- Package build was not checked in CI, so broken
sdist/wheel artifacts could pass tests.
- UNU.RAN bindings depended on fragile local build assumptions.
- CI used submodule updates in a non-reproducible way.
- Project metadata, README, installation docs, and security policy needed release-oriented cleanup.
- Dependency update automation was missing.
Proposed Fixes
- Add CI checks for:
python -m build
twine check
- wheel installation in a clean virtual environment
- smoke import of
_unuran_cffi
- Build UNU.RAN CFFI bindings directly from vendored sources during package build.
- Use pinned submodule commits in CI via
submodules: recursive instead of git submodule update --remote.
- Add
cibuildwheel config for Linux/macOS/Windows binary wheels.
- Update
pyproject.toml package metadata and PyPI classifiers.
- Update README and installation docs for pre-release/source install state.
- Add
SECURITY.md.
- Add Dependabot config for GitHub Actions, Python dependencies, and pre-commit hooks.
Acceptance Criteria
pre-commit run --all-files passes.
pytest -q passes.
python -m build produces valid sdist and wheel.
twine check dist/* passes.
- Built wheel installs into a clean virtual environment.
_unuran_cffi can be imported from the installed wheel.
Summary
Prepare
pysatl-corerepository for the first alpha release without publishing anything yet.Problems
sdist/wheelartifacts could pass tests.Proposed Fixes
python -m buildtwine check_unuran_cffisubmodules: recursiveinstead ofgit submodule update --remote.cibuildwheelconfig for Linux/macOS/Windows binary wheels.pyproject.tomlpackage metadata and PyPI classifiers.SECURITY.md.Acceptance Criteria
pre-commit run --all-filespasses.pytest -qpasses.python -m buildproduces validsdistandwheel.twine check dist/*passes._unuran_cffican be imported from the installed wheel.