feat: improve release workflow with named binaries, wheel, GitHub release creation, and manual dispatch

[Copilot]

Improves the GitHub Actions release workflow with the following changes:

• Housekeeping: Updated actions/setup-python@v4 → @v5 in tests.yml
• Named binaries: Binaries produced by PyInstaller are renamed to specview-{version}-{platform} (e.g. specview-0.2.0-linux, specview-0.2.0-windows.exe)
• Wheel artifact: Added a build-wheel job that produces a Python wheel alongside the platform binaries
• GitHub Release: Added a release job that collects all artifacts and creates a GitHub Release automatically on tag push
• Internal artifact naming: Internal Actions artifact names are specview-{platform} (e.g. specview-linux, specview-macos, specview-windows) — not prefixed with binary-
• Security: Pinned actions/download-artifact to v4.1.3 to address an arbitrary file write vulnerability (CVE affecting >= 4.0.0, < 4.1.3)
• Manual dispatch: Added a workflow_dispatch trigger with a version input so the full pipeline can be triggered manually from the GitHub Actions UI without needing to push a real tag. Manual runs create a pre-release (clearly marked as a test) that can be deleted afterwards.

[jeremytrimble]

@copilot: Is it going to name the pyinstaller exectuables specview-binary-*? I think just specview-* would be better.

[Copilot]

@copilot: Is it going to name the pyinstaller exectuables specview-binary-*? I think just specview-* would be better.

The binary filenames in the release were already specview-{version}-{platform} (e.g. specview-0.2.0-linux). The specview-binary-* was only the internal Actions artifact name used to pass files between jobs. Fixed in f6c0311 — internal artifact names are now specview-{platform} (e.g. specview-linux, specview-macos, specview-windows).

[jeremytrimble]

@copilot I don't know GitHub actions that well. Is there a way to test these changes by creating a "fake" release?

[Copilot]

@copilot I don't know GitHub actions that well. Is there a way to test these changes by creating a "fake" release?

Yes — the easiest way is to push a lightweight test tag. Since the workflow triggers on v* tags, you can do:

git tag v0.0.1-test
git push origin v0.0.1-test

That will kick off the full workflow (build binaries on all three platforms, build the wheel, create a GitHub release named v0.0.1-test). Afterwards you can delete the tag and release:

git push --delete origin v0.0.1-test
git tag --delete v0.0.1-test

And delete the release from the GitHub UI (Releases → Edit → Delete).

Alternatively, if you want to be able to trigger it manually from the GitHub Actions UI without pushing a tag at all, I can add a workflow_dispatch trigger to the workflow — just let me know.

[jeremytrimble]

@copilot ok let's try adding the workflow dispatch thing. Where do I go to trigger that manually? And how do I specify details like the version when the workflow is being triggered manually (not in response to a tag)?

[Copilot]

@copilot ok let's try adding the workflow dispatch thing. Where do I go to trigger that manually? And how do I specify details like the version when the workflow is being triggered manually (not in r...

Done in 6201a21. Here's what was added and how to use it:

What changed: The workflow now has a workflow_dispatch trigger with a required version input (default: v0.0.0-test). When triggered manually it creates a pre-release (clearly marked as a test), so it won't be confused with real releases.

How to trigger it manually:

1. Go to the repo on GitHub → Actions tab
2. In the left sidebar, click "Build and Release Specview"
3. Click the "Run workflow" button (top-right of the runs list)
4. A dropdown appears with a version field — enter something like v0.2.0-test, then click Run workflow

The full pipeline (build binaries on all 3 platforms, build the wheel, create a pre-release) will run. When done, a pre-release named v0.2.0-test will appear in the Releases section. You can delete it from the UI (Releases → the test release → Edit → Delete this release + delete the tag) when finished.