Merge branch 'main' of https://github.com/Ghua8088/pytron

Author: Ghua8088

.github/workflows/publish.yml

@@ -28,6 +28,7 @@ jobs:
             rust_native:
               - 'pytron/engines/native/**'
               - 'pytron/engines/native/Cargo.toml'
+              - 'pytron/platforms/pytron_os/**'
             rust_loader:
               - 'pytron/pack/secure_loader/**'
               - 'pytron/pack/secure_loader/Cargo.toml'
@@ -75,6 +76,7 @@ jobs:
           workspaces: |
             pytron/engines/native
             pytron/pack/secure_loader
+            pytron/platforms/pytron_os
 
       - name: 🛡️ Build Rust Loader
         if: steps.filter.outputs.rust_loader == 'true' || github.event_name == 'push' || startsWith(github.ref, 'refs/tags/v')
@@ -84,6 +86,10 @@ jobs:
         if: steps.filter.outputs.rust_native == 'true' || github.event_name == 'push' || startsWith(github.ref, 'refs/tags/v')
         run: python pytron/engines/native/build.py
 
+      - name: 🦾 Build OS Platform Hook
+        if: steps.filter.outputs.rust_native == 'true' || github.event_name == 'push' || startsWith(github.ref, 'refs/tags/v')
+        run: python pytron/platforms/pytron_os/build.py
+
       - name: 📦 Build Platform Wheel
         shell: bash
         run: |

.github/workflows/tests.yml

@@ -27,6 +27,7 @@ jobs:
           rust_native:
             - 'pytron/engines/native/**'
             - 'pytron/engines/native/Cargo.toml'
+            - 'pytron/platforms/pytron_os/**'
           rust_loader:
             - 'pytron/pack/secure_loader/**'
             - 'pytron/pack/secure_loader/Cargo.toml'
@@ -48,6 +49,7 @@ jobs:
         workspaces: |
           pytron/engines/native
           pytron/pack/secure_loader
+          pytron/platforms/pytron_os
 
     - name: Install Linux Dependencies
       if: matrix.os == 'ubuntu-latest'
@@ -81,6 +83,8 @@ jobs:
       run: |
         if [ "${{ steps.filter.outputs.rust_native }}" == "true" ]; then
           cd pytron/engines/native && cargo check
+          cd ../../../pytron/platforms/pytron_os && cargo check
+          cd ../../../
         fi
         if [ "${{ steps.filter.outputs.rust_loader }}" == "true" ]; then
           cd pytron/pack/secure_loader && cargo check
@@ -90,6 +94,10 @@ jobs:
     - name: 🦾 Build Native Engine
       if: (github.event_name == 'push' && github.ref == 'refs/heads/main') || (steps.filter.outputs.rust_native == 'true') || startsWith(github.ref, 'refs/tags/v')
       run: python pytron/engines/native/build.py
+
+    - name: 🦾 Build OS Platform Hook
+      if: (github.event_name == 'push' && github.ref == 'refs/heads/main') || (steps.filter.outputs.rust_native == 'true') || startsWith(github.ref, 'refs/tags/v')
+      run: python pytron/platforms/pytron_os/build.py
 
     - name: Run Tests
       run: |

ARCHITECTURE.md

@@ -60,3 +60,21 @@ Pytron uses a curated stack of robust open-source technologies to power its feat
     -   **[PyInstaller](https://pyinstaller.org/)**: The default choices for `pytron package` due to its excellent compatibility with complex scientific libraries (NumPy, Torch).
     -   **[Nuitka](https://nuitka.net/)**: Available via `--nuitka`. We support this for developers needing compilation to machine code (C++) for performance-critical applications.
 -   **Frontend Tooling**: Our CLI scaffolds projects using **[Vite](https://vitejs.dev/)**. We customized the Vite config to proxy requests to our Python backend, enabling a seamless "Hot Module Replacement" experience for dual-stack development.
+
+## Build & Security Pipeline
+
+Pytron introduces a sophisticated build pipeline designed to secure Python applications and ensure reliable dependency resolution.
+
+### Crystal Audit
+Traditional Python packagers often struggle with hidden imports, dynamic loading, and complex dependency trees. **Crystal Audit** is Pytron's answer to this challenge.
+*   **PEP 578 Surveillance**: Crystal Audit launches your application in a controlled environment and attaches a system audit hook (`sys.addaudithook`) to capture every import event as it happens in real-time.
+*   **Defanged Execution**: To safely analyze side-effects without damaging your system, Crystal "defangs" destructive operations (like `os.remove`, `subprocess.run`, `socket`) by replacing them with aggressive mocks during the audit.
+*   **Recursive Analysis**: It inspects exposed functions and classes, recursively traversing closures and bytecode to find hidden dependencies that static analysis misses.
+*   **Precision Manifest**: The result is a `requirements.lock.json` that lists exactly which modules and files were accessed, ensuring a 100% accurate build with zero bloat.
+
+### Secure Pipeline (Agentic Shield)
+For enterprise and commercial applications, protecting source code is paramount. The **Secure Pipeline** ensures that your Python logic is not exposed as easily decompilable bytecode.
+*   **Binary Compilation**: The main entry point and critical modules are compiled to native machine code (`.pyd` / `.so`) using **Cython**. This prevents trivial decompilation (like `uncompyle6`) and requires reverse engineering tools to analyze.
+*   **Native Bootloader**: A custom Rust-based bootloader ("Agentic Shield") initializes the environment and launches the compiled application, providing a secure native entry point.
+*   **Library Fusion**: Functionality to bundle distributed Python modules into a single `app.bundle` structure, reducing file clutter and obscuring the standard `_internal` directory layout.
+*   **Integrity Checks**: The pipeline ensures that the compiled components are correctly linked and loaded, preventing basic tampering.

CHANGELOG.md

@@ -0,0 +1,29 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.3.14] - 2026-02-08
+
+### Added
+- **Credits & Acknowledgments**: Added `CREDITS.md` to honor third-party dependencies (Wry, Tao, Electron, etc.).
+- **Support Documentation**: Added `SUPPORT.md` for better community guidance.
+- **Improved Manifest**: Updated `MANIFEST.in` to include all documentation and internal architecture files.
+
+### Changed
+- **License Rollback**: Reverted to pure Apache 2.0 based on community feedback. We value our open-source roots!
+- Refined the packaging pipeline documentation to clarify "Safe" vs "Unsafe" methods in `SECURITY.md`.
+- Updated repository metadata in `pyproject.toml` to reflect the current license status.
+
+## [0.3.x] - Earlier Releases
+
+### Added
+- **Agentic Shield**: Introduced the new Rust-based secure bootloader.
+- **Crystal Audit**: Runtime-audited dependency mapping for 100% accurate builds.
+- **Dual Engine Support**: Optional transition between Native Webview (Wry) and Chrome Engine (Electron).
+- **Zero-Copy Bridge**: High-speed binary data streaming via `pytron://`.
+
+---
+*Note: For older version details, please refer to the GitHub release tags.*

CREDITS.md

@@ -0,0 +1,35 @@
+# Credits & Third-Party Acknowledgments
+
+Pytron Kit is built on the shoulders of giants. We are grateful to the following open-source projects and their communities for providing the foundational technologies that make this framework possible.
+
+## Core Rendering & Windowing
+*   **[Wry](https://github.com/tauri-apps/wry)**: A cross-platform webview rendering library in Rust. Used for our high-performance Native Engine.
+*   **[Tao](https://github.com/tauri-apps/tao)**: A cross-platform window creation library in Rust.
+*   **[Electron](https://www.electronjs.org/)**: Used as our optional rendering engine for maximum compatibility and parity with Chromium.
+
+## Internal Engineering
+*   **[Rust](https://www.rust-lang.org/)**: Powers our secure bootloader and native extensions. Huge thanks for providing the memory safety and performance required for the Agentic Shield.
+*   **[Zig](https://ziglang.org/)**: Utilized for cross-compilation and native toolchain orchestration. We are grateful for Zig's incredible "it just works" approach to C/C++ toolchains.
+*   **[Cython](https://cython.org/)**: Used for compiling performance-critical modules and securing the "Agentic Shield" pipeline. Thanks for bridging the gap between Python and C so elegantly.
+*   **[PyInstaller](https://pyinstaller.org/)**: The reliable workhorse for standard application packaging. Thank you for the years of work that make Python distribution possible.
+*   **[Nuitka](https://nuitka.net/)**: A Python-to-C++ compiler used for our high-performance machine code builds.
+
+## Python Ecosystem
+*   **[PyPI](https://pypi.org/)**: The Python Package Index. Huge thanks for hosting the worldwide community of Python software. We'd be nothing without you.
+*   **[Keyring](https://github.com/jaraco/keyring)**: For providing a secure way to handle secrets and credentials across different OS environments.
+*   **[Requests](https://requests.readthedocs.io/)**: For making HTTP requests human-friendly and reliable.
+*   **[Pytest](https://pytest.org/)**: For providing the backbone of our testing suite and ensuring Pytron stays stable.
+*   **[Comtypes](https://github.com/enthought/comtypes)**: Essential for our deep Win32 COM integrations on Windows.
+
+## Frontend Ecosystem
+*   **[Vite](https://vitejs.dev/)**: The lightning-fast build tool used for our project scavenging and HMR.
+*   **[React](https://reactjs.org/)**: The default frontend framework for Pytron project templates.
+
+## Inspiration & Community
+*   **[pywebview](https://github.com/r0x0r/pywebview)**: Our native engine implementation was heavily inspired by the pioneering work of the pywebview team in bringing web technologies to Python.
+*   **[Tauri](https://tauri.app/)**: For setting the gold standard in secure, lightweight cross-platform development.
+
+---
+
+### License Note
+The use of these libraries is governed by their respective licenses (MIT, Apache 2.0, or BSD). Pytron Kit's use of a "Commons Clause" rider on its own license does not affect the licensing of these dependencies, nor does it claim ownership over their work. We strictly adhere to all attribution requirements for these upstream projects.

MANIFEST.in

@@ -1,10 +1,16 @@
 
 include README.md
+include LICENSE
+include CREDITS.md
+include ARCHITECTURE.md
+include CHANGELOG.md
+include SUPPORT.md
 include pyproject.toml
 
 # 1. Include the core package
-recursive-include pytron *.py *.png *.ico *.exe *.md *.dll *.so *.pyd *.dylib *.lib
+recursive-include pytron *.py *.png *.ico *.exe *.md *.dll *.so *.pyd *.dylib *.lib *.a
 recursive-include pytron/dependencies *
+recursive-include pytron/pack/secure_loader/bin *
 
 # 2. Android Shell - The "Allow List"
 # We match specifically to avoid dragging in temp files