feat(ENG-12402): add PyPI publishing setup with Release Please CI

.github/workflows/ci.yaml

@@ -0,0 +1,24 @@
+name: CI
+
+on:
+  push:
+  pull_request:
+    branches: [main]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.11", "3.12", "3.13"]
+    steps:
+      - uses: actions/checkout@v4
+      - uses: astral-sh/setup-uv@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - run: uv sync --group dev
+      - run: uv run pytest

.github/workflows/release.yaml

@@ -0,0 +1,31 @@
+name: Release Please
+
+on:
+  push:
+    branches: [main]
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  release-please:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: googleapis/release-please-action@v4
+        id: release
+        with:
+          config-file: .release-please-config.json
+          manifest-file: .release-please-manifest.json
+
+      - uses: actions/checkout@v4
+        if: ${{ steps.release.outputs.release_created }}
+
+      - uses: astral-sh/setup-uv@v5
+        if: ${{ steps.release.outputs.release_created }}
+
+      - name: Build and publish
+        if: ${{ steps.release.outputs.release_created }}
+        env:
+          UV_PUBLISH_TOKEN: ${{ secrets.PYPI_API_TOKEN }}
+        run: uv build && uv publish

.release-please-config.json

@@ -0,0 +1,15 @@
+{
+  "release-type": "python",
+  "changelog-path": "CHANGELOG.md",
+  "bump-minor-pre-major": true,
+  "bump-patch-for-minor-pre-major": true,
+  "draft": false,
+  "prerelease": false,
+  "include-v-in-tag": true,
+  "packages": {
+    ".": {
+      "package-name": "stackone-defender"
+    }
+  },
+  "$schema": "https://raw.githubusercontent.com/googleapis/release-please/main/schemas/config.json"
+}

.release-please-manifest.json

@@ -0,0 +1 @@
+{ ".": "0.1.0" }

CHANGELOG.md

@@ -0,0 +1 @@
+# Changelog

README.md

@@ -200,16 +200,6 @@ Tools not matching any pattern use `medium` base risk with default risky field d
 uv run pytest
 ```
 
-### Git LFS
-
-The ONNX model source files are stored with [Git LFS](https://git-lfs.com/). Contributors working on the model files need LFS installed:
-
-```bash
-brew install git-lfs
-git lfs install
-git lfs pull  # if you cloned before LFS was set up
-```
-
 ## License
 
 Apache-2.0 — See [LICENSE](./LICENSE) for details.

pyproject.toml

@@ -1,19 +1,37 @@
 [project]
 name = "stackone-defender"
 version = "0.1.0"
-description = "Prompt injection defense for AI tool-calling"
-requires-python = ">=3.10"
+description = "Indirect prompt injection defense for AI agents using tool calls"
+readme = "README.md"
+requires-python = ">=3.11"
+license = { text = "Apache-2.0" }
+authors = [{ name = "StackOne", email = "support@stackone.com" }]
+classifiers = [
+  "Development Status :: 4 - Beta",
+  "Intended Audience :: Developers",
+  "License :: OSI Approved :: Apache Software License",
+  "Programming Language :: Python :: 3",
+  "Programming Language :: Python :: 3.11",
+  "Programming Language :: Python :: 3.12",
+  "Programming Language :: Python :: 3.13",
+  "Topic :: Security",
+  "Topic :: Software Development :: Libraries :: Python Modules",
+]
 dependencies = []
 
+[project.urls]
+Homepage = "https://github.com/StackOneHQ/stackone-defender"
+Repository = "https://github.com/StackOneHQ/stackone-defender"
+
 [project.optional-dependencies]
 onnx = ["onnxruntime>=1.16.0", "tokenizers>=0.15.0", "numpy>=1.24.0"]
 
-[tool.uv]
-dev-dependencies = [
-    "pytest>=8.0",
-    "onnxruntime>=1.16.0",
-    "tokenizers>=0.15.0",
-    "numpy>=1.24.0",
+[dependency-groups]
+dev = [
+  "pytest>=8.0",
+  "onnxruntime>=1.16.0",
+  "tokenizers>=0.15.0",
+  "numpy>=1.24.0",
 ]
 
 [build-system]

src/stackone_defender/classifiers/onnx_classifier.py

@@ -11,7 +11,7 @@
 
 def _default_model_path() -> str:
     """Return path to the bundled ONNX model directory."""
-    return str(Path(__file__).resolve().parent.parent.parent.parent / "models" / "minilm-full-aug")
+    return str(Path(__file__).resolve().parent.parent / "models" / "minilm-full-aug")
 
 
 def _sigmoid(x: float) -> float:

src/stackone_defender/models/minilm-full-aug/config.json

@@ -0,0 +1,28 @@
+{
+	"add_cross_attention": false,
+	"architectures": ["BertModel"],
+	"attention_probs_dropout_prob": 0.1,
+	"bos_token_id": null,
+	"classifier_dropout": null,
+	"dtype": "float32",
+	"eos_token_id": null,
+	"gradient_checkpointing": false,
+	"hidden_act": "gelu",
+	"hidden_dropout_prob": 0.1,
+	"hidden_size": 384,
+	"initializer_range": 0.02,
+	"intermediate_size": 1536,
+	"is_decoder": false,
+	"layer_norm_eps": 1e-12,
+	"max_position_embeddings": 512,
+	"model_type": "bert",
+	"num_attention_heads": 12,
+	"num_hidden_layers": 6,
+	"pad_token_id": 0,
+	"position_embedding_type": "absolute",
+	"tie_word_embeddings": true,
+	"transformers_version": "5.1.0",
+	"type_vocab_size": 2,
+	"use_cache": true,
+	"vocab_size": 30522
+}