Generate maintainer-readiness reports for open source repositories.
Project description
Maintainer Readiness Kit
Maintainer Readiness Kit is a small, dependency-light CLI that audits an open source repository for maintainer-facing signals: documentation, license files, security policy, issue and pull request templates, CI, tests, recent git activity, and high-risk local secret files.
The goal is simple: give solo and small-team maintainers a repeatable report they can use before publishing a repository, onboarding contributors, or asking for support from open source maintainer programs.
Who Should Use It
- Maintainers preparing a repository for public contributors.
- Solo developers who need a concrete pre-release checklist.
- Teams that want CI to fail when maintainer basics regress.
- Open source applicants who need honest, shareable evidence instead of vague claims.
What It Helps You Decide
Use it when you need a quick answer to:
- Is this repository ready to make public?
- What maintainer files are missing before I invite contributors?
- Will CI fail if the repository falls below a readiness threshold?
- What ecosystem-specific maintenance steps should I add next?
- Can I share a report without leaking my local machine path?
Features
- Scores maintainer-readiness signals with evidence and suggested fixes.
- Reads local git activity without requiring network access.
- Optionally enriches the report with public GitHub repository signals.
- Summarizes stale open issues and pull requests for public GitHub reports.
- Generates starter maintainer templates for
CONTRIBUTING.md,SECURITY.md, issue templates, pull request templates, and a GitHub Actions smoke workflow. - Performs a conservative high-risk file check before public release.
- Outputs Markdown or JSON for CI and handoff docs.
- Outputs SARIF for CI and code-scanning workflows.
- Outputs Shields endpoint badge JSON for project dashboards.
- Runs as a reusable GitHub Action.
- Reads
maintainer-readiness.toml/.maintainer-readiness.tomldefaults. - Classifies readiness as
ready,nearly-ready, orneeds-work. - Detects Python, Node.js, Rust, Go, and Java/JVM manifests and adds ecosystem-specific maintainer recommendations.
Quick Start
Install from the repository:
git clone https://github.com/YUUDAI-s/maintainer-readiness-kit.git
cd maintainer-readiness-kit
python -m pip install -e .
maintainer-readiness inspect . --output readiness-report.md
maintainer-readiness inspect . --fail-under 90
Use it directly in GitHub Actions:
steps:
- uses: actions/checkout@v4
- uses: YUUDAI-s/maintainer-readiness-kit@v0.7.0
with:
repo: owner/name
fail-under: "80"
output: readiness-report.md
sarif: readiness.sarif
badge-json: readiness-badge.json
Public demo repository:
YUUDAI-s/maintainer-readiness-kit-action-demo
uses the reusable action in CI.
Install from PyPI:
python -m pip install maintainer-readiness-kit
maintainer-readiness inspect . --output readiness-report.md
For local source development without installation:
$env:PYTHONPATH = "src"
python -m maintainer_readiness inspect . --output readiness-report.md
python -m maintainer_readiness inspect . --fail-under 90
Typical output:
Score: 100 / 100 (100.0%)
Level: ready
Ecosystem Recommendations: Python
High-Risk File Warnings: No high-risk credential filenames found.
To include public GitHub signals:
python -m maintainer_readiness inspect . --repo YUUDAI-s/maintainer-readiness-kit --output readiness-report.md
To add starter maintainer files to another repository:
python -m maintainer_readiness init C:\path\to\repo
Use --force only when you intentionally want to overwrite an existing starter
file.
Commands
inspect
python -m maintainer_readiness inspect . --output readiness-report.md
python -m maintainer_readiness inspect . --json
python -m maintainer_readiness inspect . --repo owner/name
python -m maintainer_readiness inspect . --root-label public-sample
python -m maintainer_readiness inspect . --repo owner/name --stale-days 14
python -m maintainer_readiness inspect . --sarif readiness.sarif
python -m maintainer_readiness inspect . --badge-json readiness-badge.json
python -m maintainer_readiness inspect . --config maintainer-readiness.toml
Config files use simple TOML scalar values:
repo = "owner/name"
output = "readiness-report.md"
sarif = "readiness.sarif"
badge-json = "readiness-badge.json"
root-label = "public-demo"
stale-days = 14
fail-under = 90
inspect automatically reads maintainer-readiness.toml or
.maintainer-readiness.toml from the inspected root when present. CLI flags
override config values.
See examples/maintainer-readiness.toml for a copy-ready configuration file.
The Markdown report includes:
- overall readiness score,
- readiness level,
- passing and missing signals,
- local git maintenance evidence,
- optional public GitHub evidence,
- stale open issue and pull request counts when
--repois used, - high-risk file warnings,
- ecosystem-specific recommendations,
- next actions before public release.
For CI, use --fail-under to make the command return a non-zero exit code when
the readiness percentage is below your chosen threshold.
Use --stale-days with --repo when your project has a shorter or longer
triage window than the default 30 days.
Use --sarif readiness.sarif when you want failed checks and high-risk file
warnings in a code-scanning compatible format.
Use --badge-json readiness-badge.json when you want a Shields-compatible
endpoint JSON payload for a dashboard or docs site.
GitHub Actions
name: Maintainer readiness
on:
pull_request:
push:
branches: [main]
jobs:
smoke:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: YUUDAI-s/maintainer-readiness-kit@v0.7.0
with:
config: maintainer-readiness.toml
repo: owner/name
fail-under: "80"
output: readiness-report.md
sarif: readiness.sarif
badge-json: readiness-badge.json
- uses: github/codeql-action/upload-sarif@v3
if: always()
with:
sarif_file: readiness.sarif
Action inputs are passed as CLI flags, so explicit inputs override matching
values from maintainer-readiness.toml. Leave an Action input empty when you
want the config file to provide that value.
init
python -m maintainer_readiness init .
This writes starter maintainer files only when they do not already exist:
CONTRIBUTING.mdSECURITY.mdMAINTAINERS.md.github/ISSUE_TEMPLATE/bug_report.yml.github/ISSUE_TEMPLATE/feature_request.yml.github/PULL_REQUEST_TEMPLATE.md.github/workflows/maintainer-readiness.yml
Design Principles
- Honest evidence over vanity metrics.
- Minimal runtime dependencies.
- Useful defaults for maintainers who work alone.
- No external writes from
inspect. - No claims that a repository qualifies for any external program.
Maintainer Workflows
This project is built for routine maintainer tasks:
- pre-publication checks before making a repository public,
- contributor onboarding checks before accepting outside PRs,
- release-readiness checks before tagging a version,
- safety checks before attaching reports to sponsorship or maintainer-support applications,
- CI-friendly JSON output for repeatable repository hygiene reviews.
Limitations
This tool cannot prove that a repository is widely adopted, safe, or eligible for any benefit. It only turns common maintainer signals into a compact, verifiable report. Program applications still require accurate information about the applicant, repository, role, usage, and maintainer status.
Development
$env:PYTHONPATH = "src"
python -m unittest discover -s tests
python -m maintainer_readiness inspect . --output readiness-report.md
See ROADMAP.md for near-term maintainer-focused work. See examples/reports for generated reports from real repositories. See the public action demo at YUUDAI-s/maintainer-readiness-kit-action-demo. See docs/pypi.md for package build and publishing notes. See docs/community-launch.md for community launch copy and posting rules. See examples/github-action.yml for a copyable GitHub Actions workflow.
License
MIT
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file maintainer_readiness_kit-0.7.0.tar.gz.
File metadata
- Download URL: maintainer_readiness_kit-0.7.0.tar.gz
- Upload date:
- Size: 21.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d711f0309afe83e8158a790045b9d4b1717ba13b432269137aa1a15827bd6aec
|
|
| MD5 |
ebc949892884f202a22a20b3fead9b55
|
|
| BLAKE2b-256 |
d204f3f95267f4619256f849c61749dba3bc073a6fe4a3a1edc6555ca9d80a7c
|
Provenance
The following attestation bundles were made for maintainer_readiness_kit-0.7.0.tar.gz:
Publisher:
publish-python.yml on YUUDAI-s/maintainer-readiness-kit
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
maintainer_readiness_kit-0.7.0.tar.gz -
Subject digest:
d711f0309afe83e8158a790045b9d4b1717ba13b432269137aa1a15827bd6aec - Sigstore transparency entry: 1811943128
- Sigstore integration time:
-
Permalink:
YUUDAI-s/maintainer-readiness-kit@6f43eecd05fedfa16fae01368bbc71b986b923bc -
Branch / Tag:
refs/tags/v0.7.0 - Owner: https://github.com/YUUDAI-s
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-python.yml@6f43eecd05fedfa16fae01368bbc71b986b923bc -
Trigger Event:
workflow_dispatch
-
Statement type:
File details
Details for the file maintainer_readiness_kit-0.7.0-py3-none-any.whl.
File metadata
- Download URL: maintainer_readiness_kit-0.7.0-py3-none-any.whl
- Upload date:
- Size: 19.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9862fa6753474e01f630c3b65734d737ed7b6c7a7c6f1a70efcad21ca87c0362
|
|
| MD5 |
aab322210e85c40a78dceaf30d79fe03
|
|
| BLAKE2b-256 |
a75da61765905c35f9f6856939d0b5c5f56c30618c89ca25de96b1fa2d7ad984
|
Provenance
The following attestation bundles were made for maintainer_readiness_kit-0.7.0-py3-none-any.whl:
Publisher:
publish-python.yml on YUUDAI-s/maintainer-readiness-kit
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
maintainer_readiness_kit-0.7.0-py3-none-any.whl -
Subject digest:
9862fa6753474e01f630c3b65734d737ed7b6c7a7c6f1a70efcad21ca87c0362 - Sigstore transparency entry: 1811943152
- Sigstore integration time:
-
Permalink:
YUUDAI-s/maintainer-readiness-kit@6f43eecd05fedfa16fae01368bbc71b986b923bc -
Branch / Tag:
refs/tags/v0.7.0 - Owner: https://github.com/YUUDAI-s
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-python.yml@6f43eecd05fedfa16fae01368bbc71b986b923bc -
Trigger Event:
workflow_dispatch
-
Statement type: