Merged
9 changes: 8 additions & 1 deletion .github/workflows/pypi_publish.yml
@@ -6,7 +6,7 @@ on:
workflow_dispatch:

permissions:
contents: read
contents: write
id-token: write # required for PyPI trusted publishing (OIDC)
Comment on lines 8 to 10
Copilot AI Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changing workflow permissions to contents: write grants repo write access to the whole job. Since this is only needed for tagging, consider splitting tagging into a separate job (dependent on publish) with contents: write, keeping the publish/build job at contents: read to follow least-privilege and reduce blast radius if a step/action is compromised.

Copilot uses AI. Check for mistakes.

jobs:
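Review bot: the `permissions:` block in this hunk is workflow-level, so `contents: write` is now granted to every job in the file, including the version-check and the install/lint/test/build steps that only need to read the repository. Move `permissions:` to the job level: the job that builds and publishes keeps `contents: read` plus `id-token: write`, and tagging goes into its own job with `needs:` on the publish job and only `contents: write`, so no single job holds both the OIDC publishing identity and repository write access.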
@@ -47,6 +47,7 @@ jobs:
print('true' if Version('${LOCAL}') > Version('${REMOTE}') else 'false')
")
echo "publish=${SHOULD_PUBLISH}" >> "$GITHUB_OUTPUT"
echo "version=${LOCAL}" >> "$GITHUB_OUTPUT"

- name: Install, lint, test, build
if: steps.version.outputs.publish == 'true'
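Review bot: `echo "version=${LOCAL}"` writes the raw version string, while the publish decision just above compares `Version('${LOCAL}')` with `Version('${REMOTE}')`, i.e. normalized values. A value such as `1.0.0-rc1` would pass the comparison but the tag created from this output would be `v1.0.0-rc1`, whereas PyPI reports the normalized `1.0.0rc1`, so tag and published version would not match by string. Emit the normalized form from the same Python snippet (for example print `str(Version('${LOCAL}'))` as a second output) and write that to `GITHUB_OUTPUT` instead of the raw `LOCAL`.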
@@ -62,3 +63,9 @@ jobs:
if: steps.version.outputs.publish == 'true'
uses: pypa/gh-action-pypi-publish@release/v1
# Uses OIDC trusted publishing — no API token needed

- name: Tag release
if: steps.version.outputs.publish == 'true'
run: |
git tag "v${{ steps.version.outputs.version }}"
git push origin "v${{ steps.version.outputs.version }}"
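Review bot: `${{ steps.version.outputs.version }}` inside the `run:` block is expanded by the runner into the script text before bash executes it, so the surrounding double quotes do not protect against shell metacharacters in the value; pass it through `env:` (for example `env: TAG_VERSION: ${{ steps.version.outputs.version }}`) and use `"v${TAG_VERSION}"` in the script, which keeps the value as data rather than code and is the pattern GitHub's security-hardening guidance recommends. The value is derived from `LOCAL`, whose source is outside this hunk, so the practical exposure depends on who can change that input, but the fix costs two lines. Separately, `git push` here relies on the checkout step having persisted the `GITHUB_TOKEN` credential (the checkout step is not visible in this diff); if it was configured with `persist-credentials: false`, the push will fail after the package has already been published.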
Comment on lines +70 to +71
Copilot AI Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The tagging commands will fail on workflow re-runs or if the tag already exists remotely (e.g., git tag errors locally or git push is rejected), which can leave the package published but the workflow marked failed. Add an existence check (local+remote) and skip tagging if v<version> already exists, or make the push logic explicitly idempotent.

Suggested change
git tag "v${{ steps.version.outputs.version }}"
git push origin "v${{ steps.version.outputs.version }}"
TAG="v${{ steps.version.outputs.version }}"
if git rev-parse -q --verify "refs/tags/$TAG" >/dev/null; then
echo "Tag $TAG already exists locally; skipping tag creation."
exit 0
fi
if git ls-remote --exit-code --tags origin "refs/tags/$TAG" >/dev/null 2>&1; then
echo "Tag $TAG already exists on origin; skipping tag push."
exit 0
fi
git tag "$TAG"
git push origin "$TAG"
2 changes: 1 addition & 1 deletion pyproject.toml
@@ -1,6 +1,6 @@
[project]
name = "decibel-python-sdk"
version = "0.1.2"
version = "0.2.0"
Copilot AI Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[project].version is now 0.2.0, but the package exports decibel.__version__ from src/decibel/_version.py, which is currently set to 0.1.0. This will cause the runtime-reported version to disagree with the published package version; update the exported version source to stay in sync (or derive it from package metadata).

Suggested change
version = "0.2.0"
version = "0.1.0"
description = "Python SDK for interacting with Decibel, a fully on-chain trading engine built on Aptos."
readme = "README.md"
license = "MIT"
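Review bot: the suggested change on `version` above should not be applied as written: setting `[project].version` to `0.1.0` would undo the release bump rather than fix the mismatch, and with the `Version(LOCAL) > Version(REMOTE)` gate in pypi_publish.yml the workflow would skip publishing altogether if `0.1.2` is already on PyPI. The fix belongs in `src/decibel/_version.py`, either by bumping it to `0.2.0` in this same PR or, better, by having it read `importlib.metadata.version("decibel-python-sdk")` so there is a single source of truth; in both cases a test asserting `decibel.__version__ == importlib.metadata.version("decibel-python-sdk")` would catch the drift in the lint/test step before anything is published.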
2 changes: 1 addition & 1 deletion uv.lock