Trim release ZIP to WRAITH.exe + README only#36
Merged
Conversation
The previous staging step packaged the entire repo working tree into
the release ZIP — scanner/, automation/, quick-scan.ps1, START.bat,
wraith.env.json, LICENSE — leaving end users with raw source
artefacts instead of a Windows-branded executable.
ZIP now contains exactly two files:
WRAITH.exe - self-contained, icon and version stamped via the
csproj ApplicationIcon + the publish-step -p:Version
/ -p:FileVersion / -p:AssemblyVersion arguments
README.md
Dropped the Write START.bat step entirely (140 lines of heredoc that
shelled out to Python install logic). The EXE handles bootstrap on
first launch via BootstrapService; nothing needs to live next to it
in the archive.
Release-page body trimmed to match: 'Download, extract, double-click
WRAITH.exe' — no START.bat, no quick-scan.ps1, no Python pre-install
instructions. The header comment block listing ZIP contents is
updated to the new two-file inventory.
Velopack publish (./publish-velopack, used for the installer
channel) is unaffected — it still pulls scanner/ + automation/ via
the csproj Content includes, which is what installed users need.
There was a problem hiding this comment.
Pull request overview
This PR updates the GitHub Actions deploy workflow to slim the portable Windows release ZIP so it no longer ships the repository working tree (scripts + source directories), and instead targets a minimal end-user download.
Changes:
- Updates the release ZIP staging step to copy only
WRAITH.exeandREADME.mdinto./release/before zipping. - Removes the generated
START.batstep and removes release-notes text that referencedSTART.bat,quick-scan.ps1, and Python auto-install behavior. - Updates the header comment describing the ZIP’s intended contents.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+296
to
300
| # Everything else (scanner/, automation/, etc.) is embedded in | ||
| # the EXE via the csproj Content includes or surfaced through | ||
| # the in-app feed-refresh flow — the user should never see | ||
| # raw repo contents in the release archive. | ||
| Copy-Item ./publish/WRAITH.exe ./release/WRAITH.exe |
5 tasks
OpenSource-For-Freedom
added a commit
that referenced
this pull request
Jun 7, 2026
PR #36 trimmed the ZIP to just WRAITH.exe + README.md on the assumption that the csproj Content includes embedded the Python scanner and the PowerShell automation scripts inside the single-file binary. They don't. CopyToOutputDirectory drops those trees ALONGSIDE the EXE in ./publish; the single-file bundler only ingests managed assemblies and native libs. Result: portable ZIP users extracted, double-clicked WRAITH.exe, hit Scan, and every Python-backed scan failed with "Python scanner not found at <extract-dir>\scanner\scanner.py" because BootstrapService .ResolveBaseDir() joins "scanner" to the EXE dir and the ZIP had none. Stage step now copies ./publish/scanner and ./publish/automation into ./release before the Compress-Archive call, sourcing from the publish output so the csproj's existing Exclude pattern (test_*.py, __pycache__, *.pyc) automatically carries through — no duplicate filter to drift. Header comment + ZIP inventory block updated to match. Kept out (PR #36 intent preserved): START.bat, quick-scan.ps1, wraith.env.json template, LICENSE, repo CI/test files. The portable ZIP is now exactly the runtime payload — nothing more, nothing less. Velopack installer path was never broken by PR #36 (it consumes ./publish-velopack which still includes the directories via the same csproj rule), so this fix is portable-ZIP-only.
This was referenced Jun 7, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
The latest build artifact ZIP shipped the entire repo working tree —
scanner/,automation/,quick-scan.ps1,START.bat,wraith.env.json,LICENSE— instead of a Windows-branded executable. Users opening the download saw raw source artefacts.Fix
./release/staging now copies exactly two files into the ZIP:WRAITH.exe<ApplicationIcon>WRAITH/Assets/wraith.ico</ApplicationIcon>from the csproj plus-p:Version/-p:FileVersion/-p:AssemblyVersion/-p:InformationalVersionfrom the publish step.README.mdRemoved
Write START.batheredoc step — the EXE'sBootstrapServicealready handles first-launch Python install.Copy-Item -Recurse ./scanner ./release/scannerand the matching./automationrecurse.Copy-Item ./quick-scan.ps1 ./release/quick-scan.ps1.Copy-Item ./LICENSE ./release/LICENSE.wraith.env.jsontemplate emission.START.bat will: auto-install Python …, thequick-scan.ps1snippet, and thePython | Auto-installed by START.batrequirements row.Untouched
Velopack publish (
./publish-velopack, installer channel) still pullsscanner/+automation/via the csprojContent Includeitems. Installed users get the full surface; only the portable ZIP is slimmed.Verification
python3 -c "import yaml; yaml.safe_load(...)"clean.Test plan
WRAITH-vX.Y.Z-win-x64.zip.WRAITH.exe+README.md.