repomatic 6.21.0

🏭 Automate repository maintenance, releases, and CI/CD workflows

A Python CLI and pyproject.toml configuration that let you release Python packages multiple times a day with only 2-clicks. Designed for uv-based Python projects, but usable for other projects too. The CLI operates through reusable GitHub Actions workflows as its CI delivery mechanism.

Maintainer-in-the-loop: nothing is done behind your back. A PR or issue is created every time a change is proposed or action is needed.

What it automates

• Version bumping, git tagging, and GitHub release creation
• Changelog management
• Python package building and PyPI publishing with supply chain attestations
• Cross-platform binary compilation (Linux / macOS / Windows, x86_64 / arm64)
• Formatting autofix for Python, Markdown, JSON, Shell, and typos
• Linting: Python types with mypy, YAML, GitHub Actions, workflow security, URLs, secrets, and Awesome lists
• Synchronization of uv.lock, .gitignore, .mailmap, and Mermaid dependency graph
• Label management with file-based and content-based rules
• Inactive issue locking
• Static image optimization
• Sphinx documentation building, deployment, and autodoc updates
• Awesome list template synchronization

Why repomatic

• 18 third-party GitHub Actions replaced by internal CLI commands and SHA-256-verified binary downloads, keeping the supply chain attack surface minimal
• 8 Python linters and formatters (pylint, black, isort, pyupgrade, pydocstyle, pycln, docformatter, blacken-docs) consolidated into ruff
• 5 packaging and install tools (poetry, build, twine, check-wheel-contents, pip-audit) consolidated into uv
• All uses: references pinned to full commit SHAs via Renovate, with stabilization windows before adopting new versions
• SLSA provenance attestations on every release artifact (wheels and compiled binaries)
• VirusTotal scanning of compiled binaries to seed AV vendor databases and reduce false positives
• Trusted Publishing for PyPI uploads: no long-lived tokens stored as secrets
• Immutable releases enforced via GitHub's tag protection and release locking
• Workflow security linting with zizmor on every push to catch dangerous triggers and excessive permissions
• Credential scanning with gitleaks to prevent secret leakage
• Single pyproject.toml configuration: no extra dotfiles, no JSON configs, no YAML presets to maintain
• 15+ code quality tools (ruff, mypy, biome, typos, mdformat, shfmt, yamllint, actionlint, lychee, oxipng, jpegoptim, pyproject-fmt, labelmaker, gitleaks, zizmor) managed through one repomatic run <tool> interface with automatic installation and platform-specific binary caching

Quick start

$ cd my-project
$ uvx -- repomatic init
$ git add .
$ git commit -m "Add repomatic"
$ git push

Works for new and existing repositories. Managed files are always regenerated to the latest version; changelog.md is never overwritten. Push, and the workflows guide you through remaining setup via issues and PRs.

See repomatic init --help for available components and options.

Documentation

See the full documentation for:

• Installation methods and executables
• [tool.repomatic] configuration reference
• CLI parameters
• Reusable workflow reference (all 13 workflows with job descriptions)
• Security practices and token setup
• Claude Code skills
• API reference

Used in

Check these projects to get real-life examples of usage and inspiration:

• Awesome Falsehood - Falsehoods Programmers Believe in.
• Awesome Engineering Team Management - How to transition from software development to engineering management.
• Awesome IAM - Identity and Access Management knowledge for cloud platforms.
• Awesome Billing - Billing & Payments knowledge for cloud platforms.
• Meta Package Manager - A unifying CLI for multiple package managers.
• Mail Deduplicate - A CLI to deduplicate similar emails.
• dotfiles - macOS dotfiles for Python developers.
• Click Extra - Extra colorization and configuration loading for Click.
• repomatic - Itself. Eat your own dog-food.
• Extra Platforms - Detect platforms and group them by family.

Send a PR to add your project if you use repomatic.

Development

See claude.md for development commands, code style, testing guidelines, and design principles.