On PyPI — you can pip install these today.
proof-surface v0.1.0 — the accountability contract: a checkpoint that says no until it’s sure, records of work done and permission given, and chains of who delegated what. The shared foundation the release-safety tools clip onto.
public-surface-sweeper v0.1.1 — the check you run before a release goes out: confirms required files are present and sweeps for passwords, keys, or tokens that must not leak, so nothing slips public that shouldn’t. Built on proof-surface.
repo-proof-index v0.1.1 — an index over the evidence records and receipts a project produces, laid out so a reviewer can actually check them. It collects and organizes the evidence; it never certifies it — that stays a human’s job.
model-provenance-validator v0.1.1 — checks a model or release’s honest record of where it came from against what it claims, and blacks out any passwords, keys, or tokens from its own output while doing it.
workspace-repo-map v0.2.0 — a compact JSON inventory of every git repo in a multi-repo workspace: the tool that lets the whole system know its own shape at a glance.
quanta-color is the sixth on PyPI — a product, with its own page.
Public on GitHub — built and open, not yet on a package index.
The rest are real and public, just not published to PyPI — so I list them here as what they are.
secret-redact-io — wraps file reads, web fetches, and shell calls so that passwords, keys, or tokens are blacked out before they leave, and keeps a fingerprint-only record for auditing.
provenance-sensorium — the evidence receipt you produce before shipping (its own page).
release-surface-scanner and proof-surface-report — release-packet scanning and review reporting.
And a small set of agent-workflow tools — agent-routing-kit, context-curator-lite, agent-hook-pack, workflow-harness-lite — plus gpu-trace-validator, which checks GPU-trace JSON against a schema and emits bounded receipts.
“Public” here means the source is on GitHub and open to read. It does not mean “on PyPI” — and I’ll keep those two words apart.
The count, corrected in the open.
Proof before trust, on my own résumé.
An earlier version of this site said “19 packages on PyPI.” That was rounding GitHub-public repos and unpublished local packages into the PyPI number. Checked against the index, the honest figure is six. So here is the real artifact, and the real count.
    # installed straight from PyPI — a real published package
    $ pip install workspace-repo-map && workspace-repo-map --help
    usage: workspace-repo-map [-h] [--root ROOT] [--output OUTPUT] [--json] ...
    Compact JSON repository inventory maps for multi-repo workspaces.

    # the honest accounting of what is actually ON PyPI:
    proof-surface 0.1.0
    public-surface-sweeper 0.1.1
    repo-proof-index 0.1.1
    model-provenance-validator 0.1.1
    workspace-repo-map 0.2.0
    quanta-color 1.0.1
    # = 6 on PyPI. The rest are public on GitHub — counted separately, on purpose.
Six packages, verified against the package index by author. The other tools are real and public — they’re just on GitHub, and saying so is cheaper than being caught rounding up.
Verified against the live PyPI index, 2026-06-21. Honest limit / correction: the old “19 on PyPI” figure conflated three different things — published packages, public-on-GitHub repos, and packages only installed locally from source. One of the names I’d listed (agent-audit) turned out to be a different author’s package entirely, so it’s dropped from any claim. This is exactly the kind of quiet over-count the whole project exists to catch — including when I’m the one who made it.
Why a ring of tiny tools.
A discipline you have to remember isn’t one. The reason these exist as separate, boring, single-purpose tools is that the moment release-safety depends on me being careful at the end of a long day, it’s already failed. So the sweep, the index, the check of where a release came from, the guarded file and shell calls — each is small enough to run every time and trust, and each says no by default and refuses to round up. They’re the connective discipline that lets the bigger working parts ship without me crossing my fingers.
Six on PyPI, the rest on GitHub — and I’d rather state the smaller true number than the bigger comfortable one.