changes-roller 0.1.0__tar.gz

changes_roller-0.1.0/.bandit

@@ -0,0 +1,17 @@
+# Bandit configuration for changes-roller
+# These warnings are intentional for this Git automation tool
+
+# Exclude test directories
+exclude_dirs:
+  - /tests/
+
+# Skip checks:
+# - B101: assert is OK for runtime validation
+# - B404/B603/B607: subprocess and git commands are core functionality
+# - B602: shell=True is intentional for run_command (executes user patch scripts)
+skips:
+  - B101
+  - B404
+  - B603
+  - B607
+  - B602

changes_roller-0.1.0/.claude/settings.local.json

@@ -0,0 +1,35 @@
+{
+  "permissions": {
+    "allow": [
+      "Bash(ruff check:*)",
+      "Bash(ruff format:*)",
+      "Bash(bandit:*)",
+      "Bash(mypy:*)",
+      "Bash(gh issue view:*)",
+      "Bash(xrandr:*)",
+      "Bash(python -m pytest:*)",
+      "Bash(gh issue list:*)",
+      "Bash(gh issue edit:*)",
+      "Bash(pre-commit install:*)",
+      "Bash(pre-commit run:*)",
+      "Bash(pytest:*)",
+      "Bash(pre-commit validate-config:*)",
+      "Bash(git add:*)",
+      "Bash(gh issue create:*)",
+      "Bash(python3:*)",
+      "Bash(pip index:*)",
+      "Bash(grep:*)",
+      "Bash(gh pr view:*)",
+      "Bash(gh pr diff:*)",
+      "Bash(gh label:*)",
+      "Bash(gh pr edit:*)",
+      "Bash(gh pr comment:*)",
+      "Bash(gh pr merge:*)",
+      "Bash(gh pr checks:*)",
+      "Bash(gh pr list:*)",
+      "WebSearch",
+      "Bash(ln:*)",
+      "Bash(sphinx-build:*)"
+    ]
+  }
+}

changes_roller-0.1.0/.editorconfig

@@ -0,0 +1,46 @@
+# EditorConfig is awesome: https://EditorConfig.org
+
+# Top-most EditorConfig file
+root = true
+
+# All files
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+# Python files
+[*.py]
+indent_style = space
+indent_size = 4
+max_line_length = 88
+
+# YAML files
+[*.{yml,yaml}]
+indent_style = space
+indent_size = 2
+
+# TOML files
+[*.toml]
+indent_style = space
+indent_size = 2
+
+# JSON files
+[*.json]
+indent_style = space
+indent_size = 2
+
+# Markdown files
+[*.md]
+trim_trailing_whitespace = false
+max_line_length = off
+
+# Shell scripts
+[*.sh]
+indent_style = space
+indent_size = 2
+
+# Makefile
+[Makefile]
+indent_style = tab

changes_roller-0.1.0/.gitattributes

@@ -0,0 +1,56 @@
+# Auto detect text files and normalize line endings to LF
+* text=auto eol=lf
+
+# Source code
+*.py text diff=python
+*.sh text eol=lf
+
+# Configuration files
+*.yml text
+*.yaml text
+*.toml text
+*.json text
+*.ini text
+*.cfg text
+
+# Documentation
+*.md text diff=markdown
+*.txt text
+*.rst text
+
+# Git files
+.gitignore text
+.gitattributes text
+
+# GitHub files
+.github/**/* text
+
+# Binary files
+*.pyc binary
+*.pyo binary
+*.pyd binary
+*.so binary
+*.dylib binary
+*.dll binary
+*.exe binary
+*.png binary
+*.jpg binary
+*.jpeg binary
+*.gif binary
+*.ico binary
+*.pdf binary
+*.zip binary
+*.tar binary
+*.gz binary
+*.bz2 binary
+*.7z binary
+
+# Archives
+*.tar.* binary
+
+# Fonts
+*.woff binary
+*.woff2 binary
+*.ttf binary
+*.otf binary
+*.eot binary

changes_roller-0.1.0/.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,121 @@
+name: Bug Report
+description: Report a bug or unexpected behavior
+title: "[Bug]: "
+labels: ["bug"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to report a bug! Please fill out the information below to help us identify and fix the issue.
+
+  - type: textarea
+    id: description
+    attributes:
+      label: Bug Description
+      description: A clear and concise description of what the bug is.
+      placeholder: Tell us what went wrong...
+    validations:
+      required: true
+
+  - type: textarea
+    id: reproduction
+    attributes:
+      label: Steps to Reproduce
+      description: Detailed steps to reproduce the behavior.
+      placeholder: |
+        1. Run command '...'
+        2. With configuration '...'
+        3. See error
+      value: |
+        1.
+        2.
+        3.
+    validations:
+      required: true
+
+  - type: textarea
+    id: expected
+    attributes:
+      label: Expected Behavior
+      description: What did you expect to happen?
+      placeholder: Describe the expected outcome...
+    validations:
+      required: true
+
+  - type: textarea
+    id: actual
+    attributes:
+      label: Actual Behavior
+      description: What actually happened? Include error messages and stack traces.
+      placeholder: Paste error messages and relevant output...
+      render: shell
+    validations:
+      required: true
+
+  - type: input
+    id: version
+    attributes:
+      label: changes-roller Version
+      description: What version of changes-roller are you using?
+      placeholder: "e.g., 0.1.0 or output of 'pip show changes-roller'"
+    validations:
+      required: true
+
+  - type: input
+    id: python-version
+    attributes:
+      label: Python Version
+      description: What version of Python are you using?
+      placeholder: "e.g., 3.12.0 or output of 'python --version'"
+    validations:
+      required: true
+
+  - type: input
+    id: os
+    attributes:
+      label: Operating System
+      description: What operating system are you using?
+      placeholder: "e.g., Ubuntu 22.04, macOS 14.0, Windows 11"
+    validations:
+      required: true
+
+  - type: input
+    id: git-version
+    attributes:
+      label: Git Version
+      description: What version of Git are you using?
+      placeholder: "e.g., 2.40.0 or output of 'git --version'"
+    validations:
+      required: false
+
+  - type: textarea
+    id: configuration
+    attributes:
+      label: Configuration File
+      description: If relevant, include your configuration file (redact sensitive information).
+      placeholder: Paste your .ini configuration file...
+      render: ini
+    validations:
+      required: false
+
+  - type: textarea
+    id: logs
+    attributes:
+      label: Additional Context
+      description: Add any other context, logs, or screenshots about the problem.
+      placeholder: Any additional information that might help...
+    validations:
+      required: false
+
+  - type: checkboxes
+    id: checklist
+    attributes:
+      label: Pre-submission Checklist
+      description: Please verify the following before submitting.
+      options:
+        - label: I have searched existing issues to avoid duplicates
+          required: true
+        - label: I am using the latest version of changes-roller
+          required: false
+        - label: I have included all required information above
+          required: true

changes_roller-0.1.0/.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Question or Discussion
+    url: https://github.com/k-pavlo/changes-roller/discussions
+    about: Ask questions or discuss ideas with the community
+  - name: Security Vulnerability
+    url: https://github.com/k-pavlo/changes-roller/security/advisories/new
+    about: Report a security vulnerability privately (see SECURITY.md)

changes_roller-0.1.0/.github/ISSUE_TEMPLATE/documentation.yml

@@ -0,0 +1,101 @@
+name: Documentation Improvement
+description: Suggest improvements to documentation
+title: "[Docs]: "
+labels: ["documentation"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for helping improve our documentation! Clear documentation helps everyone.
+
+  - type: dropdown
+    id: doc-type
+    attributes:
+      label: Documentation Type
+      description: What type of documentation needs improvement?
+      options:
+        - README.md
+        - USAGE.md (User Guide)
+        - SPECIFICATION.md
+        - CONTRIBUTING.md
+        - Code comments or docstrings
+        - API documentation
+        - Examples
+        - Other
+    validations:
+      required: true
+
+  - type: input
+    id: location
+    attributes:
+      label: Location
+      description: Where in the documentation is the issue?
+      placeholder: "e.g., README.md line 42, USAGE.md 'Branch Switching' section"
+    validations:
+      required: true
+
+  - type: textarea
+    id: issue
+    attributes:
+      label: Issue with Current Documentation
+      description: What is unclear, missing, incorrect, or could be improved?
+      placeholder: Describe what's wrong with the current documentation...
+    validations:
+      required: true
+
+  - type: textarea
+    id: suggestion
+    attributes:
+      label: Suggested Improvement
+      description: How should the documentation be improved?
+      placeholder: |
+        Describe or provide the improved documentation...
+
+        If providing specific text, please format it appropriately:
+        ```markdown
+        Your suggested documentation text here...
+        ```
+    validations:
+      required: true
+
+  - type: textarea
+    id: context
+    attributes:
+      label: Additional Context
+      description: Why is this improvement important? Who would benefit?
+      placeholder: |
+        Example: "New users get confused by this section..."
+        Example: "This feature isn't documented at all..."
+    validations:
+      required: false
+
+  - type: checkboxes
+    id: doc-areas
+    attributes:
+      label: Related Areas
+      description: Which areas of documentation might also need updates?
+      options:
+        - label: README.md
+        - label: USAGE.md
+        - label: SPECIFICATION.md
+        - label: CONTRIBUTING.md
+        - label: Code comments
+        - label: Examples
+        - label: CLI help text
+
+  - type: checkboxes
+    id: contribution
+    attributes:
+      label: Contribution
+      options:
+        - label: I would be willing to submit a PR with this documentation improvement
+
+  - type: checkboxes
+    id: checklist
+    attributes:
+      label: Pre-submission Checklist
+      options:
+        - label: I have checked that this documentation issue doesn't already have an open issue
+          required: true
+        - label: I have verified the current state of the documentation
+          required: true

changes_roller-0.1.0/.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,112 @@
+name: Feature Request
+description: Suggest a new feature or enhancement
+title: "[Feature]: "
+labels: ["enhancement"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for suggesting a new feature! Please provide as much detail as possible to help us understand your request.
+
+  - type: textarea
+    id: feature-description
+    attributes:
+      label: Feature Description
+      description: A clear and concise description of the feature you'd like to see.
+      placeholder: Describe the feature...
+    validations:
+      required: true
+
+  - type: textarea
+    id: problem
+    attributes:
+      label: Problem or Use Case
+      description: What problem does this feature solve? What use case does it address?
+      placeholder: |
+        Is your feature request related to a problem? Please describe.
+        Example: I'm always frustrated when...
+    validations:
+      required: true
+
+  - type: textarea
+    id: proposed-solution
+    attributes:
+      label: Proposed Solution
+      description: How would you like this feature to work? Describe the desired behavior.
+      placeholder: |
+        Describe how you envision this feature working...
+        Include examples of commands, configuration, or usage.
+    validations:
+      required: true
+
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives Considered
+      description: Have you considered any alternative solutions or workarounds?
+      placeholder: Describe alternatives you've considered...
+    validations:
+      required: false
+
+  - type: textarea
+    id: examples
+    attributes:
+      label: Usage Examples
+      description: Provide concrete examples of how this feature would be used.
+      placeholder: |
+        Example command usage:
+        ```bash
+        roller create --new-option value
+        ```
+
+        Example configuration:
+        ```ini
+        [SERIE]
+        new_setting = value
+        ```
+      render: markdown
+    validations:
+      required: false
+
+  - type: dropdown
+    id: impact
+    attributes:
+      label: Impact
+      description: How would this feature impact your workflow?
+      options:
+        - Critical - Blocks major use cases
+        - High - Significantly improves workflow
+        - Medium - Nice to have enhancement
+        - Low - Minor convenience
+    validations:
+      required: true
+
+  - type: textarea
+    id: additional-context
+    attributes:
+      label: Additional Context
+      description: Add any other context, mockups, or screenshots about the feature request.
+      placeholder: Any additional information...
+    validations:
+      required: false
+
+  - type: checkboxes
+    id: contribution
+    attributes:
+      label: Contribution
+      description: Would you be willing to contribute to this feature?
+      options:
+        - label: I would be willing to implement this feature
+        - label: I would be willing to help test this feature
+        - label: I can provide additional requirements and feedback
+
+  - type: checkboxes
+    id: checklist
+    attributes:
+      label: Pre-submission Checklist
+      description: Please verify the following before submitting.
+      options:
+        - label: I have searched existing issues and feature requests to avoid duplicates
+          required: true
+        - label: This feature aligns with the project's goals (multi-repo patch automation)
+          required: true

changes_roller-0.1.0/.github/PYPI_TRUSTED_PUBLISHER_SETUP.md

@@ -0,0 +1,200 @@
+# PyPI Trusted Publisher Setup
+
+This document provides instructions for configuring PyPI Trusted Publishers (OIDC-based publishing) for the changes-roller project.
+
+## Overview
+
+**Trusted Publishers** is PyPI's recommended secure method for automated package publishing. It uses OpenID Connect (OIDC) to authenticate GitHub Actions workflows without requiring API tokens.
+
+## Benefits
+
+- ✅ No API tokens to store or manage
+- ✅ No secrets in GitHub repository
+- ✅ Automatic token rotation
+- ✅ Scoped permissions (specific repo + workflow only)
+- ✅ Complete audit trail on PyPI
+
+## Prerequisites
+
+Before setting up trusted publishing:
+
+1. The package must be registered on PyPI (upload at least one version manually first)
+2. You must be a maintainer/owner of the package on PyPI
+3. You must have access to the GitHub repository
+
+## Step 1: Initial Package Registration
+
+If this is the first time publishing the package, you must upload it manually first:
+
+```bash
+# Build the package
+pip install --upgrade build hatchling
+python -m build
+
+# Upload to PyPI (you'll need your PyPI credentials)
+pip install --upgrade twine
+twine upload dist/*
+```
+
+After this initial upload, you won't need to use tokens anymore.
+
+## Step 2: Configure Trusted Publisher on PyPI
+
+### 2.1 Access PyPI Project Settings
+
+1. Go to https://pypi.org/manage/project/changes-roller/settings/
+2. Log in with your PyPI account (must have maintainer access)
+3. Scroll to the **Publishing** section
+
+### 2.2 Add Pending Publisher
+
+Click **"Add a new pending publisher"** and fill in:
+
+| Field                 | Value            |
+| --------------------- | ---------------- |
+| **PyPI Project Name** | `changes-roller` |
+| **Owner**             | `k-pavlo`        |
+| **Repository name**   | `changes-roller` |
+| **Workflow filename** | `release.yml`    |
+| **Environment name**  | `release`        |
+
+### 2.3 Save Configuration
+
+Click **"Add"** to save the trusted publisher configuration.
+
+The publisher will show as "pending" until the first successful publish from GitHub Actions.
+
+## Step 3: Configure GitHub Environment (Optional but Recommended)
+
+Add extra protection by configuring the `release` environment in GitHub:
+
+1. Go to https://github.com/k-pavlo/changes-roller/settings/environments
+2. Click **"New environment"**
+3. Name it: `release`
+4. Configure protection rules:
+   - ✅ **Required reviewers**: Add maintainers (optional)
+   - ✅ **Deployment branches**: Select "Selected branches" → Add `main`
+5. Click **"Save protection rules"**
+
+This ensures releases can only be triggered from the `main` branch and optionally require manual approval.
+
+## Step 4: Test the Setup
+
+Create a test release to verify the configuration:
+
+```bash
+# 1. Ensure you're on main branch
+git checkout main
+git pull origin main
+
+# 2. Bump version (or create a test tag manually)
+cz bump
+
+# 3. Push the tag
+git push origin --tags
+
+# 4. Monitor GitHub Actions
+# Go to: https://github.com/k-pavlo/changes-roller/actions
+# Watch the "Release to PyPI" workflow
+```
+
+### Expected Workflow Steps
+
+1. ✅ **Build** - Package is built with hatchling
+2. ✅ **Publish to PyPI** - Authenticates via OIDC and uploads
+3. ✅ **Create GitHub Release** - Release is created with notes
+
+### Verification
+
+After workflow completes:
+
+- **PyPI**: Visit https://pypi.org/project/changes-roller/ and verify new version is listed
+- **GitHub**: Visit https://github.com/k-pavlo/changes-roller/releases and verify release is created
+- **Install**: Test `pip install changes-roller==<version>`
+
+## Troubleshooting
+
+### "Trusted publisher validation failed"
+
+**Problem**: PyPI cannot verify the OIDC token from GitHub Actions.
+
+**Solutions**:
+
+1. **Check PyPI configuration**:
+   - Verify owner name matches: `k-pavlo`
+   - Verify repo name matches: `changes-roller`
+   - Verify workflow name matches: `release.yml`
+   - Verify environment name matches: `release`
+
+2. **Check GitHub workflow**:
+   - Verify workflow file is named `.github/workflows/release.yml`
+   - Verify workflow uses `environment: release`
+   - Verify workflow has `permissions: id-token: write`
+
+3. **Check workflow trigger**:
+   - Trusted publishing only works when triggered by tag push matching the pattern
+   - Manual workflow runs won't work if they don't set the environment correctly
+
+### "This filename has already been used"
+
+**Problem**: Trying to re-upload the same version to PyPI.
+
+**Solution**: PyPI doesn't allow re-uploading the same version. Bump to a new version.
+
+### "Publisher is pending"
+
+**Problem**: Trusted publisher shows as "pending" on PyPI.
+
+**Solution**: This is normal before the first successful publish. After the first successful automated publish from GitHub Actions, it will change to "active".
+
+### "403 Forbidden" when publishing
+
+**Problem**: Workflow doesn't have permission to publish.
+
+**Solutions**:
+
+1. Verify the PyPI project name matches exactly: `changes-roller`
+2. Ensure the workflow is running from the correct repository
+3. Check that the workflow has the correct environment configured
+4. Verify `id-token: write` permission is set
+
+## Additional Resources
+
+- [PyPI Trusted Publishers Documentation](https://docs.pypi.org/trusted-publishers/)
+- [GitHub OIDC Documentation](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect)
+- [PyPA Publishing Action](https://github.com/pypa/gh-action-pypi-publish)
+
+## Support
+
+If you encounter issues:
+
+1. Check the workflow logs in GitHub Actions
+2. Review the PyPI trusted publisher configuration
+3. Consult the resources above
+4. Open an issue on the repository for help
+
+## Migration from Token-based Publishing
+
+If you previously used API tokens:
+
+1. Remove the `PYPI_API_TOKEN` secret from GitHub repository settings
+2. Configure trusted publisher as described above
+3. The workflow already supports trusted publishing (no changes needed)
+4. Previous token-based uploads are still valid and don't need to be redone
+
+## Security Notes
+
+- **No secrets required**: Trusted publishing uses OIDC, not static tokens
+- **Automatic rotation**: Authentication tokens are ephemeral (valid only for the workflow run)
+- **Audit trail**: All publishes are logged on PyPI with full context
+- **Scoped access**: Publisher can only publish to the specific package from the specific repo/workflow
+- **Revocable**: Publisher can be removed from PyPI settings at any time
+
+## Maintenance
+
+The trusted publisher configuration should not need regular maintenance. However:
+
+- If you rename the repository, update the trusted publisher configuration
+- If you rename the workflow file, update the trusted publisher configuration
+- If you change the environment name, update both PyPI and the workflow
+- Review active publishers periodically in PyPI settings