From 4090c788a20542ae8f381285c5060e5c30171fbd Mon Sep 17 00:00:00 2001
From: Ryan Malloy
Date: Tue, 5 May 2026 17:38:13 -0600
Subject: [PATCH] Strip operator-private files from sdist + add structural defense
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The PII audit run before this publish caught three files that have been leaking operator-specific paths to PyPI in v2.1.6, v2.1.7, and v2.2.0:
- claude_desktop_config.json (personal Claude Desktop config snapshot)
- mcp-pdf-tools-launcher.sh (obsolete — uvx replaces it)
- mcp-config-example.json (had hardcoded /home/rpm path + old package name)

Fix:
- Delete the personal config and obsolete launcher
- Sanitize the example to use uvx with the [markdown] extra (matches docs)
- Add [tool.hatch.build.targets.sdist] exclude block per ~/.claude/rules/python.md to prevent recurrence — covers dev artifacts, fixture PDFs, internal architecture notes, and CI scripts

Side benefit: sdist size dropped from 2.4 MB to 304 KB (8× reduction), mostly from excluding examples/*.pdf and the tests/ fixture PDF.

The /home/rpm leaks in prior versions are not credentials, just operator paths — not yanking. Going forward the unpacked-sdist grep is mandatory before each publish.
---
 claude_desktop_config.json | 16 ----------------
 mcp-config-example.json | 10 ++++++----
 mcp-pdf-tools-launcher.sh | 3 ---
 pyproject.toml | 26 ++++++++++++++++++++++++++
 4 files changed, 32 insertions(+), 23 deletions(-)
 delete mode 100644 claude_desktop_config.json
 delete mode 100755 mcp-pdf-tools-launcher.sh

diff --git a/claude_desktop_config.json b/claude_desktop_config.json
deleted file mode 100644
index e56ec8e..0000000
--- a/claude_desktop_config.json
+++ /dev/null
@@ -1,16 +0,0 @@
-{
- "mcpServers": {
- "pdf-tools": {
- "command": "uv",
- "args": [
- "--directory",
- "/home/rpm/claude/mcp-pdf-tools",
- "run",
- "mcp-pdf-tools"
- ],
- "env": {
- "PDF_TEMP_DIR": "/tmp/mcp-pdf-processing"
- }
- }
- }
-}
\ No newline at end of file
diff --git a/mcp-config-example.json b/mcp-config-example.json
index 2c5b73e..025520d 100644
--- a/mcp-config-example.json
+++ b/mcp-config-example.json
@@ -1,9 +1,11 @@
 {
 "mcpServers": {
 "pdf-tools": {
- "command": "uv",
- "args": ["run", "--directory", "/home/rpm/claude/mcp-pdf-tools", "mcp-pdf-tools"],
- "env": {}
+ "command": "uvx",
+ "args": ["--from", "mcp-pdf[markdown]", "mcp-pdf"],
+ "env": {
+ "PDF_TEMP_DIR": "/tmp/mcp-pdf-processing"
+ }
 }
 }
-}
\ No newline at end of file
+}
diff --git a/mcp-pdf-tools-launcher.sh b/mcp-pdf-tools-launcher.sh
deleted file mode 100755
index 3b08e5e..0000000
--- a/mcp-pdf-tools-launcher.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/bash
-cd /home/rpm/claude/mcp-pdf-tools
-exec uv run mcp-pdf-tools "$@"
\ No newline at end of file
diff --git a/pyproject.toml b/pyproject.toml
index e201fc8..3242b58 100644
--- a/pyproject.toml
+++ b/pyproject.toml
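Review bot: The new `env` block in mcp-config-example.json steers every user toward the fixed, world-shared path `/tmp/mcp-pdf-processing`; on a multi-user host the first account to create that directory owns it, so processed PDFs can end up in a directory another local user can read or pre-create, unless the server itself creates it with restrictive permissions (not visible in this hunk — worth confirming). An example config is safer leaving `PDF_TEMP_DIR` unset, presumably letting the server pick a per-user temporary directory, or documenting next to the example in the README that the value should be a user-owned path, since JSON has no comments to carry that caveat inline. The `--from` spec `mcp-pdf[markdown]` is also unpinned, so `uvx` resolves the newest release on every launch; pinning it as `"mcp-pdf[markdown]==<released version>"` gives the example a reproducible, auditable target.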
@@ -99,6 +99,32 @@ dev = [
 requires = ["hatchling"]
 build-backend = "hatchling.build"
 
+# Keep dev-only artifacts out of the sdist that ships to PyPI.
+# (The PII audit also runs against the unpacked sdist before each publish —
+# see ~/.claude/rules/python.md.)
+[tool.hatch.build.targets.sdist]
+exclude = [
+ "CLAUDE.md", # operator-private project context
+ ".env", ".env.local", # never ship credentials
+ ".mcp.json", # contains local filesystem paths
+ ".pytest_cache/",
+ ".ruff_cache/",
+ "build/",
+ "dist/",
+ "examples/page_001.png",
+ "examples/*.pdf", # demo PDFs are large + not needed by end users
+ "examples/test_demo.*",
+ "tests/CopperSprings_DigitalPortfolio.pdf", # large fixture PDF
+ "test_security_features.py",
+ "test_integration.py",
+ "MCPMIXIN_*.md", # internal architecture/migration notes
+ "MCP_DOCX_TOOLS_PLAN.md",
+ "claude-mcp-manager", # personal helper script
+ "run-mcp-server.sh",
+ "docker-compose.yml",
+ "Dockerfile",
+]
+
 [tool.pytest.ini_options]
 asyncio_mode = "auto"
 addopts = "-v --tb=short"
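Review bot: The comment introducing the `[tool.hatch.build.targets.sdist]` block itself embeds an operator-home path, `~/.claude/rules/python.md`, into pyproject.toml — a file that is always part of the sdist — which is the same class of operator-private reference this commit exists to remove; `# Keep dev-only artifacts out of the sdist that ships to PyPI; the PII grep of the unpacked sdist runs before each publish.` says the same without the path. The `exclude` list is also a denylist, so a future `.env.production`, a stray `*.pem`, or the next personal notes file ships by default until someone remembers to add it. At minimum widen the credential lines to `".env*", "*.pem", "*.key",`; the stronger structural defense is hatch's allowlist form, `only-include = [...]`, naming just the package directory, `tests`, README and license (the source layout is not visible in this hunk, so the exact list needs confirming against the tree). Either way the unpacked-sdist grep promised in the commit message is the check that catches what the list misses and should stay in the release steps.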