florecon 0.1.2

Incremental financial reconciliation by min-cost flow: a conserving combinator algebra over a network-simplex core. Nothing created, nothing lost.
name: release

# Fires when you publish a GitHub Release. The tag (vX.Y.Z) must match the
# version in all three manifests (enforced by the guard job).
# Only the `published` activity type is listed, so other release activity
# types do not start this workflow.
on:
  release:
    types: [published]

# Workflow-wide default for GITHUB_TOKEN: read-only access to repository
# contents. A job that declares its own `permissions:` block replaces this
# default for that job rather than adding to it.
permissions:
  contents: read

jobs:
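  # Gate for both publish jobs: they declare `needs: guard`, so nothing is
  # published unless the version check script exits successfully.
  guard:
    name: guard (tag == versions)
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): the action is referenced by a mutable tag. For a release
      # pipeline, consider pinning to a full commit SHA, e.g.
      # `actions/checkout@<full-commit-sha>  # v5` (placeholder, not a real SHA).
      - uses: actions/checkout@v5
      # The tag name is free-form text chosen by whoever creates the release.
      # `${{ }}` expressions are expanded into the script text before the shell
      # parses it, so shell metacharacters in the tag would be run as code.
      # Passing the value through an environment variable keeps it data.
      - env:
          RELEASE_TAG: ${{ github.event.release.tag_name }}
        run: bash scripts/check-versions.sh "$RELEASE_TAG"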

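  # Publishes both crates to crates.io once the guard job has passed.
  crates:
    name: publish to crates.io
    needs: guard
    runs-on: ubuntu-latest
    # The registry token is read from this environment's secrets. Any approval
    # or branch rules on the environment live in repository settings and are
    # not visible in this file.
    environment: release
    steps:
      # NOTE(review): both actions are referenced by mutable refs (`v5`,
      # `stable`). In a job that holds a publish token, consider pinning each
      # to a full commit SHA, e.g. `owner/action@<full-commit-sha>  # ref`
      # (placeholder, not a real SHA).
      - uses: actions/checkout@v5
      - uses: dtolnay/rust-toolchain@stable
      # florecon-derive must go first (florecon depends on it); cargo publish
      # waits for the index, so the second resolve succeeds. Skip any version
      # already on crates.io so re-runs / unchanged crates are idempotent.
      - name: publish derive then florecon
        env:
          # Long-lived secret, visible to every process this step starts,
          # including build scripts and proc macros compiled while
          # `cargo publish` verifies the package.
          # NOTE(review): crates.io Trusted Publishing (OIDC) would replace it
          # with a short-lived token, as the PyPI job already does.
          CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}
        run: |
          # First `version = "..."` line of a manifest, value only.
          ver() { grep -m1 '^version' "$1" | sed -E 's/.*"([^"]+)".*/\1/'; }
          publish() {
            local crate="$1" manifest="$2" v
            v=$(ver "$manifest")
            # Fail closed: with an empty version the probe below would ask
            # for the crate itself rather than one release, which may succeed
            # and silently skip the publish.
            if [ -z "$v" ]; then
              echo "✗ could not read version from $manifest" >&2
              exit 1
            fi
            # -f makes curl exit non-zero on an HTTP error, so only an
            # existing version takes the skip branch.
            if curl -sf -A "florecon-release-ci" "https://crates.io/api/v1/crates/$crate/$v" >/dev/null; then
              echo "✓ $crate@$v already on crates.io — skipping"
            else
              echo "→ publishing $crate@$v"
              cargo publish -p "$crate"
            fi
          }
          publish florecon-derive florecon-derive/Cargo.toml
          publish florecon Cargo.toml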

  # Builds the Python distribution in hosts/python and uploads it to PyPI
  # using Trusted Publishing, once the guard job has passed.
  pypi:
    name: publish to PyPI
    needs: guard
    runs-on: ubuntu-latest
    environment: release
    # A job-level block replaces the workflow-level permissions, so only
    # id-token is granted here and every scope not listed is set to none.
    # NOTE(review): checkout then relies on the repository being publicly
    # readable; add `contents: read` if that is not the case — confirm.
    permissions:
      id-token: write # OIDC for PyPI Trusted Publishing (no stored token)
    steps:
      # NOTE(review): all three actions are referenced by mutable refs (`v5`,
      # `v6`, `release/v1`). Consider pinning each to a full commit SHA, e.g.
      # `owner/action@<full-commit-sha>  # ref` (placeholder, not a real SHA).
      - uses: actions/checkout@v5
      - uses: astral-sh/setup-uv@v6
      # NOTE(review): the build runs in the same job that can request the OIDC
      # token, so build-time code shares that privilege. Building in a separate
      # job without id-token and handing over dist/ as an artifact would narrow
      # this.
      - name: build wheel + sdist
        working-directory: hosts/python
        run: uv build
      - name: publish (trusted publishing)
        uses: pypa/gh-action-pypi-publish@release/v1
        with:
          packages-dir: hosts/python/dist
          # Files already on PyPI are skipped instead of failing the job, which
          # keeps re-runs green. NOTE(review): a skipped file is presumably not
          # compared with the fresh build — confirm.
          skip-existing: true