chore: swap pyproject author email to GitHub noreply#111
Merged
Conversation
Pre-publish hygiene per #98: pyproject.toml carried the maintainer's personal Gmail in the [authors] block, which becomes world-readable the moment the repo is flipped public (and gets scraped by PyPI-style metadata indexers regardless). Swaps to the GitHub privacy-protected noreply alias (41453723+constk@users.noreply.github.com) that already serves as the git-author identity across develop/main history. Same contact identity, less personal-data leak. Closes #98. Also closes #97 — the artifact-tracking audit ran clean on the current checkout (no .coverage, .venv, __pycache__, .pyc, or node_modules tracked). Self-version bump 0.2.18 -> 0.2.19 (chore = PATCH).
This was referenced May 30, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What & why
Pre-publish hygiene per #98. pyproject.toml carries the maintainer's personal Gmail in the
[authors]block:That field becomes world-readable the moment the repo flips public (and gets picked up by PyPI-style metadata scrapers regardless of whether the package is published).
Swaps to the GitHub privacy-protected noreply alias
41453723+constk@users.noreply.github.com— the same identity that already serves as the git-author across develop/main history (git log --format='%ae' | sort -ureturns only the noreply on both branches). Same contact identity, no personal-data leak.Also covers #97: the artifact-tracking audit was run inline and returned clean. No
.coverage,.venv,__pycache__,.pyc,.env, ornode_modulesare tracked.Closes #97 (clean audit). Closes #98 (resolution).
Self-version bump 0.2.18 → 0.2.19.
Test plan
git log --format='%ae' | sort -uon develop returned only the noreplygit ls-files | grep -iE '(\.coverage|\.venv|__pycache__|\.pyc$|\.env$|node_modules/)'returned nothinggit grep -iE '(aurecongroup\.com|@gmail\.com)' -- ':!*.lock' ':!*.svg' ':!CHANGELOG*'returned only the pyproject.toml line being changeduv run --frozen pytest tests/ -q→ 215 passeduv run --frozen ruff check .→ All checks passedInvariants affected
None.
New deps / actions / external surface
None — only the package-metadata
authors[0].emailfield changes.Linked issues
Closes #97
Closes #98