@runfile-ai/schemas 0.1.1 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/README.md +4 -4
  2. package/dist/event.d.ts +931 -105
  3. package/dist/event.d.ts.map +1 -1
  4. package/dist/event.js +252 -14
  5. package/dist/event.js.map +1 -1
  6. package/dist/evidence.d.ts +588 -115
  7. package/dist/evidence.d.ts.map +1 -1
  8. package/dist/ingest.d.ts +4981 -335
  9. package/dist/ingest.d.ts.map +1 -1
  10. package/dist/ingest.js +153 -24
  11. package/dist/ingest.js.map +1 -1
  12. package/dist/vault.d.ts +6 -6
  13. package/generated/json-schema/event.json +670 -41
  14. package/generated/json-schema/evidence.json +269 -11
  15. package/generated/json-schema/ingest.json +738 -93
  16. package/generated/json-schema/vault.json +17 -1
  17. package/package.json +1 -1
package/README.md CHANGED
@@ -130,8 +130,8 @@ You don't tag manually. The flow is:
130
130
  3. Review that PR. When merged:
131
131
  - The same workflow runs again, calls `changeset publish`, which:
132
132
  - Publishes `@runfile-ai/schemas@X.Y.Z` to npm
133
- - Pushes the `vX.Y.Z` git tag
134
- - The tag push triggers `release.yml`, which announces the Go module path (and will publish to PyPI once the runfile-ai PyPI org is set up).
133
+ - Pushes the `vX.Y.Z` git tag (Go consumers fetch via this tag — no separate publish step)
134
+ - The same workflow then builds the Python wheel + sdist and publishes `runfile-ai-schemas==X.Y.Z` to PyPI via [trusted publishing](https://docs.pypi.org/trusted-publishers/) (OIDC, no API token).
135
135
 
136
136
  You can preview what the next release will look like locally:
137
137
 
@@ -143,8 +143,8 @@ pnpm changeset status --verbose
143
143
 
144
144
  | Registry | What to set up |
145
145
  |---|---|
146
- | **npm** | `NPM_TOKEN` repo secret (an automation token from npmjs.org with `Publish` rights on `@runfile-ai/schemas`) |
147
- | **PyPI** | *Deferred to GA.* A trusted publisher on [pypi.org/manage/account/publishing/](https://pypi.org/manage/account/publishing/) pointing at this repo's `release.yml` workflow and `release` GitHub environment. Until then the PyPI step in `release.yml` is commented out. |
146
+ | **npm** | `NPM_TOKEN` repo secret (granular access token with `@runfile-ai` scope → read+write, or an automation token from npmjs.org with `Publish` rights on `@runfile-ai/schemas`). |
147
+ | **PyPI** | A trusted publisher on [pypi.org/manage/account/publishing/](https://pypi.org/manage/account/publishing/) pointing at the `changesets.yml` workflow and the `release` GitHub environment. No secret required. |
148
148
  | **Go** | Nothing. The repo must be public (or the consumer's `GOPRIVATE` must include it) and tags must be pushed — Changesets pushes them for you. |
149
149
 
150
150
  ### Manual fallback: `pnpm run publish-all`