{"id":30018505,"url":"https://github.com/numpy/numpy-release","last_synced_at":"2025-10-26T08:04:38.741Z","repository":{"id":303197099,"uuid":"1014697714","full_name":"numpy/numpy-release","owner":"numpy","description":"Repository for building numpy release artifacts and making releases to PyPI","archived":false,"fork":false,"pushed_at":"2025-07-30T06:40:36.000Z","size":42,"stargazers_count":2,"open_issues_count":2,"forks_count":2,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-08-03T00:31:02.569Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/numpy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"open_collective":"numpy","tidelift":"pypi/numpy","custom":"https://numpy.org/about/#donate"}},"created_at":"2025-07-06T08:27:30.000Z","updated_at":"2025-07-30T06:40:41.000Z","dependencies_parsed_at":"2025-07-06T09:37:34.831Z","dependency_job_id":"fb0277b7-380f-49a9-b1ae-f5fde35d7cae","html_url":"https://github.com/numpy/numpy-release","commit_stats":null,"previous_names":["rgommers/numpy-release","numpy/numpy-release"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/numpy/numpy-release","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numpy%2Fnumpy-release","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numpy%2Fnumpy-release/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numpy%2Fnumpy-release/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numpy%2Fnumpy-release/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/numpy","download_url":"https://codeload.github.com/numpy/numpy-release/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/numpy%2Fnumpy-release/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":268994667,"owners_count":24341579,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-05T02:00:12.334Z","response_time":2576,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-08-06T00:02:40.022Z","updated_at":"2025-10-26T08:04:38.688Z","avatar_url":"https://github.com/numpy.png","language":"Shell","readme":"# NumPy wheels and release tooling\n\nThis repository contains what is needed to build release artifacts (wheels and\nsdist) for the official [NumPy releases to\nPyPI](https://pypi.org/project/numpy/) as well as nightly wheel builds which\nare uploaded to\n[anaconda.org/scientific-python-nightly-wheels/numpy](https://anaconda.org/scientific-python-nightly-wheels/numpy).\n\nThis repository is minimal on purpose, for security reasons it contains only what is absolutely necessary. The repository settings are stricter than on the main [numpy/numpy](https://github.com/numpy/numpy/) repository, for example:\n\n- only the release \u0026 CI team has write access\n- for PRs from anyone without write access, CI will always need manual approval\n- linear history is required\n- GitHub actions are whitelisted, only the necessary ones will be allowed\n- no caching allowed, only clean builds from scratch\n- no self-hosted runners are allowed\n\nSee [numpy#29178](https://github.com/numpy/numpy/issues/29178) for more context.\n\n\n## Branches and tags\n\nThe `main` branch of this repository is meant to stay in sync with the `main` branch\nof the [numpy/numpy](https://github.com/numpy/numpy) repository. It runs scheduled builds\nas cron jobs twice a week, and uploads nightlies to \n[https://anaconda.org/scientific-python-nightly-wheels/numpy](anaconda.org/scientific-python-nightly-wheels/numpy).\n\nFor NumPy releases, the branch naming should match those of the main\n`numpy/numpy` repository, e.g., `maintenance/2.3.x` for the 2.3.x releases.\n\nWhich branch, commit or tag is built when a set of wheel builds is triggered is\ncontrolled by the `SOURCE_REF_TO_BUILD` variable at the top of\n`.github/workflows/wheels.yml`.\n\n\n## Build reproducibility\n\nWheel builds being fully reproducible is a long-term goal for this repository.\nAll dependencies and actions must be pinned, which allows us to already be\nclose to full reproducibility. However, we don't (yet) have full control over\nall ingredients that go into a wheel build, e.g. the containers which GitHub\nActions provide may change over time.\n\n\n## Trusted publishing and attestations\n\nThe release builds in this repository should be using trusted publishing to\npublish directly to PyPI (and TestPyPI), including attestations. Triggering\na release build has to be done by the `workflow_dispatch` in the\n[Actions UI in this repository](https://github.com/numpy/numpy-release/actions/workflows/wheels.yml),\nselecting `pypi` or `testpypi` as the target. This will use a GitHub Actions\n\"environment\" of the same name - before the uploads to PyPI actually happen,\nthe release manager can go in and inspect the build logs and produced wheels.\nOnce those look good, the release manager can finalize the release from the\n[deployments page in this repository](https://github.com/numpy/numpy-release/deployments).\n\n\n## Software Bill of Materials\n\nWe aim to start producing SBOMs and ship them inside NumPy wheels uploaded to\nPyPI, however as of today that is not implemented.\n\n\n## Security\n\nTo report a security vulnerability for NumPy itself, please see\n[the security policy on the main repo](https://github.com/numpy/numpy/?tab=security-ov-file#readme).\n\nTo discuss a supply chain security related topic for the code in this\nrepository, please open an issue on this repository if it can be discussed in\npublic, and otherwise please follow the security policy on the main repo.\n","funding_links":["https://opencollective.com/numpy","https://tidelift.com/funding/github/pypi/numpy","https://numpy.org/about/#donate"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnumpy%2Fnumpy-release","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnumpy%2Fnumpy-release","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnumpy%2Fnumpy-release/lists"}