[dist] Automate installer file and version updates

Author: Breakthrough

.gitignore

@@ -10,6 +10,7 @@ tests/resources/*
 *.m4v
 *.csv
 packaging/windows/.version_info
+packaging/windows/installer/PySceneDetect.back*.aip
 benchmarks/BCC/*.mp4
 *.txt
 benchmarks/RAI/*.mp4

RELEASE-PLAN.md

@@ -5,16 +5,16 @@ Version referenced below as `X.Y[.Z]` - replace with the real version throughout
 
 ## 0. Branch setup
 
-- [ ] Create / fast-forward release branch: `releases/X.Y` off `main`.
-- [ ] All release-prep commits land on `releases/X.Y` (never directly on `main` during the freeze - commits are usually halted to `main` until the release branch is cut, after which the release branch is merged back into `main` and development resumes).
+- [X] Create / fast-forward release branch: `releases/X.Y` off `main`.
+- [X] All release-prep commits land on `releases/X.Y` (never directly on `main` during the freeze - commits are usually halted to `main` until the release branch is cut, after which the release branch is merged back into `main` and development resumes).
 
 ## 1. Code & version
 
 - [ ] Bump `__version__` in `scenedetect/__init__.py`.
-- [ ] Bump `ProductVersion` in `packaging/windows/installer/PySceneDetect.aip` (must match `__version__` - `scripts/pre_release.py --release` asserts this).
+- [ ] Bump the installer project: `python scripts/bump_installer.py` (rewrites `ProductVersion`, regenerates `ProductCode`, updates the MSI filename via the AdvancedInstaller CLI). Add `--sync-files` after `pyinstaller` if any bundled dependency versions changed since the last release - this re-syncs APPDIR from `dist/scenedetect/` and replaces the manual "delete install dir + re-add files" GUI step. `scripts/pre_release.py --release` asserts the resulting `ProductVersion` matches `__version__`.
 - [ ] No `-dev` / pre-release suffix on the version string for a final release.
 
-> **Note:** `setup.cfg` reads the package version dynamically via `version = attr: scenedetect.__version__`, and `pyproject.toml` does not declare a `version` field. The single source of truth is `scenedetect/__init__.py`; the `.aip` is the only other place to keep in sync.
+> **Note:** `pyproject.toml` does not declare a `version` field - the single source of truth is `scenedetect/__init__.py`; the Windows installer `.aip` is the only other place to keep in sync.
 
 ## 2. Docs
 
@@ -42,7 +42,18 @@ Version referenced below as `X.Y[.Z]` - replace with the real version throughout
 
 - [ ] `python scripts/pre_release.py --release` passes (enforces `.aip` ↔ `__version__` parity, writes `packaging/windows/.version_info`).
 - [ ] `pyinstaller packaging/windows/scenedetect.spec` produces a working `scenedetect.exe` - run it against a sample video.
+- [ ] `python scripts/stage_windows_dist.py --ffmpeg-dir <dir> --portable-zip` populates `dist/scenedetect/` with ffmpeg, third-party licenses, sphinx docs, and emits the portable `.zip`. Pass `--ffmpeg-dir` pointing at a recent extracted [GyanD codexffmpeg](https://github.com/GyanD/codexffmpeg/releases) build; omit it only for offline builds (uses the bundled `packaging/windows/thirdparty.7z` with a stub `LICENSE-FFMPEG`).
 - [ ] Build the MSI via Advanced Installer (`packaging/windows/installer/PySceneDetect.aip`); install into a clean Windows VM and run the CLI.
+- [ ] After both `pyinstaller` and the MSI build are done (and the portable `.zip` is staged at `dist/PySceneDetect-X.Y.Z-portable.zip`), run `python scripts/generate_manifest.py` to produce `dist/PySceneDetect-X.Y.Z.manifest.json` (per-file SHA256 audit of every artifact) and `dist/SHA256SUMS` (flat `sha256sum -c` compatible). Both are attached to the GitHub release in step 7.
+
+> **GUI required for structural changes.** `scripts/bump_installer.py` covers routine version bumps and `--sync-files` covers dependency-driven file-list changes, but anything that touches the *project structure* of the .aip still needs the AdvancedInstaller GUI. Examples:
+>
+> - Moving the .aip or its source tree (the build's `SourcePath` references are stored relative to the .aip and aren't rewritten by `/NewSync` - cf. the `dist/installer/` → `packaging/windows/installer/` move that broke the relative paths until they were edited in the GUI).
+> - Adding/removing build configurations, features, or prerequisites.
+> - Editing dialog layouts, branding bitmaps, install sequences, custom actions, file associations, or shortcuts.
+> - Changing `UpgradeCode`, install directory layout (`APPDIR` location), or per-component attributes.
+>
+> When in doubt, open the .aip in AdvancedInstaller, make the change, save, and commit the resulting diff. Re-run `bump_installer.py` afterwards if the version-identity fields need refreshing.
 
 ## 6. Cut the release
 
@@ -55,7 +66,7 @@ Version referenced below as `X.Y[.Z]` - replace with the real version throughout
 
 - [ ] `publish-pypi.yml` ran on the tag and uploaded successfully. Verify both projects: https://pypi.org/project/scenedetect/ and https://pypi.org/project/scenedetect-headless/.
 - [ ] Smoke-test PyPI: in a fresh venv, `pip install scenedetect==X.Y.Z`; CLI launches and `pip show scenedetect` lists `opencv-python`. Repeat in a second venv with `pip install scenedetect-headless==X.Y.Z`; verify it lists `opencv-python-headless`.
-- [ ] Create GitHub Release from the `vX.Y[.Z]` tag, body = changelog section, attach Windows installer MSI + portable `.zip`.
+- [ ] Create GitHub Release from the `vX.Y[.Z]` tag, body = changelog section, attach Windows installer MSI + portable `.zip` + `PySceneDetect-X.Y.Z.manifest.json` + `SHA256SUMS` (both produced by `scripts/generate_manifest.py`).
 - [ ] Deploy website: `generate-website.yml` picks up the changelog / download page updates.
 - [ ] Deploy docs: `generate-docs.yml` publishes the new version.
 

appveyor.yml

@@ -49,19 +49,13 @@ install:
   - echo * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
   - echo * *                          BUILDING WINDOWS EXE                           * *
   - echo * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
-  # Build Windows .EXE and create portable .ZIP
+  # Build Windows .EXE and create portable .ZIP. The staging script copies
+  # ffmpeg.exe + LICENSE from --ffmpeg-dir, third-party licenses, the project
+  # LICENSE/README, and sphinx docs into dist/scenedetect/, then emits the
+  # portable .zip - keeps CI and local builds in sync (see scripts/stage_windows_dist.py).
   - python scripts/pre_release.py --release
   - pyinstaller packaging/windows/scenedetect.spec
-  - sphinx-build -b singlehtml docs dist/scenedetect/docs
-  - mkdir dist\scenedetect\thirdparty
-  - move LICENSE dist\scenedetect\
-  - copy packaging\windows\LICENSE-PYTHON dist\scenedetect\thirdparty\
-  - copy scenedetect\_thirdparty\LICENSE* dist\scenedetect\thirdparty\
-  - copy dist\ffmpeg\ffmpeg.exe dist\scenedetect\
-  - move dist\ffmpeg\LICENSE dist\scenedetect\thirdparty\LICENSE-FFMPEG
-  - cd dist/scenedetect
-  - 7z a ../scenedetect-win64.zip *
-  - cd ../..
+  - python scripts/stage_windows_dist.py --ffmpeg-dir dist/ffmpeg --portable-zip
 
   - echo * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
   - echo * *                         BUILDING MSI INSTALLER                          * *
@@ -109,8 +103,8 @@ test_script:
   - scenedetect.exe -i ../../tests/resources/testvideo.mp4 -b pyav detect-content time -e 2s
 
 artifacts:
-  # Portable ZIP
-  - path: dist/scenedetect-win64.zip
+  # Portable ZIP (named PySceneDetect-X.Y.Z-portable.zip by stage_windows_dist.py)
+  - path: dist/PySceneDetect-*-portable.zip
     name: PySceneDetect-win64_portable
   # MSI Installer + .EXE Bundle for Signing
   - path: dist/scenedetect-signed.zip

scripts/bump_installer.py

@@ -0,0 +1,130 @@
+#
+#            PySceneDetect: Python-Based Video Scene Detector
+#   -------------------------------------------------------------------
+#     [  Site:    https://scenedetect.com                           ]
+#     [  Docs:    https://scenedetect.com/docs/                     ]
+#     [  Github:  https://github.com/Breakthrough/PySceneDetect/    ]
+#
+# Copyright (C) 2026 Brandon Castellano <http://www.bcastell.com>.
+# PySceneDetect is licensed under the BSD 3-Clause License; see the
+# included LICENSE file, or visit one of the above pages for details.
+#
+"""Bump the AdvancedInstaller .aip project for a release.
+
+Usage:
+    python scripts/bump_installer.py             # version bump only
+    python scripts/bump_installer.py --sync-files  # also re-sync APPDIR
+    python scripts/bump_installer.py --version 0.7.0  # explicit version override
+
+The version-bump path rewrites ProductVersion / ProductCode / PackageFileName.
+The --sync-files path additionally walks dist/scenedetect/ (pyinstaller output)
+and rewrites the project's directory + component + file tables to match,
+which is needed when bundled dependencies change.
+
+Both paths shell out to AdvancedInstaller.com so the .aip's invariants
+(line endings, attribute ordering, GUID casing) stay intact. The CLI lives
+under "C:\\Program Files (x86)\\Caphyon\\Advanced Installer ..\\bin\\x86\\".
+Override discovery with the ADVINST environment variable.
+"""
+
+import argparse
+import os
+import re
+import subprocess
+import sys
+from pathlib import Path
+
+REPO_DIR = Path(__file__).resolve().parent.parent
+sys.path.insert(0, str(REPO_DIR))
+
+import scenedetect  # noqa: E402
+
+INSTALLER_AIP = REPO_DIR / "packaging" / "windows" / "installer" / "PySceneDetect.aip"
+DIST_TREE = REPO_DIR / "dist" / "scenedetect"
+
+
+def msi_version(raw: str) -> str:
+    # AdvancedInstaller's ProductVersion only accepts numeric X[.Y[.Z[.B]]].
+    # Strip Python-style suffixes ("0.7-dev0" -> "0.7"; "1.0.0-rc1" -> "1.0.0")
+    # and pad to three components so the resulting MSI filename is consistent.
+    parts = [re.split(r"[^\d]", p, maxsplit=1)[0] for p in raw.split(".")]
+    if not all(p.isdigit() for p in parts if p):
+        sys.exit(f"Cannot derive numeric MSI version from {raw!r}")
+    while len(parts) < 3:
+        parts.append("0")
+    return ".".join(parts[:4])
+
+
+def find_advinst() -> Path:
+    if env := os.environ.get("ADVINST"):
+        path = Path(env)
+        if not path.exists():
+            sys.exit(f"ADVINST={env} does not exist.")
+        return path
+    candidates = sorted(
+        Path(r"C:\Program Files (x86)\Caphyon").glob(
+            "Advanced Installer*/bin/x86/AdvancedInstaller.com"
+        )
+    )
+    if not candidates:
+        sys.exit(
+            "AdvancedInstaller.com not found under C:\\Program Files (x86)\\Caphyon. "
+            "Set the ADVINST environment variable to its full path."
+        )
+    return candidates[-1]
+
+
+def run(advinst: Path, *edit_args: str, check: bool = True) -> int:
+    cmd = [str(advinst), "/edit", str(INSTALLER_AIP), *edit_args]
+    print(">", " ".join(cmd))
+    return subprocess.run(cmd, check=check).returncode
+
+
+def main() -> None:
+    parser = argparse.ArgumentParser(description=(__doc__ or "").splitlines()[0])
+    parser.add_argument(
+        "--sync-files",
+        action="store_true",
+        help="Re-sync APPDIR from dist/scenedetect/ (run pyinstaller first).",
+    )
+    parser.add_argument(
+        "--version",
+        dest="version_override",
+        help="MSI version override (default: derived from scenedetect.__version__).",
+    )
+    args = parser.parse_args()
+
+    raw_version = args.version_override or scenedetect.__version__
+    version = msi_version(raw_version)
+
+    advinst = find_advinst()
+    print(f"Using {advinst}")
+    if version != raw_version:
+        print(f"Normalized {raw_version!r} -> {version!r} for AdvancedInstaller")
+    print(f"Bumping {INSTALLER_AIP.name} to {version}")
+
+    run(advinst, "/SetVersion", version)
+    run(advinst, "/SetProductCode", "-langid", "1033")
+    run(
+        advinst,
+        "/SetPackageName",
+        f"PySceneDetect-{version}-win64.msi",
+        "-buildname",
+        "DefaultBuild",
+    )
+
+    if args.sync_files:
+        if not DIST_TREE.exists():
+            sys.exit(
+                f"{DIST_TREE} not found. Run "
+                "`pyinstaller packaging/windows/scenedetect.spec` first."
+            )
+        # /ResetSync errors out if APPDIR isn't already a synced folder
+        # (true on the first run); /NewSync will fail if it IS synced. So
+        # try the reset but tolerate failure, then sync.
+        run(advinst, "/ResetSync", "APPDIR", check=False)
+        run(advinst, "/NewSync", "APPDIR", str(DIST_TREE))
+
+
+if __name__ == "__main__":
+    main()

scripts/generate_manifest.py

@@ -0,0 +1,174 @@
+#
+#            PySceneDetect: Python-Based Video Scene Detector
+#   -------------------------------------------------------------------
+#     [  Site:    https://scenedetect.com                           ]
+#     [  Docs:    https://scenedetect.com/docs/                     ]
+#     [  Github:  https://github.com/Breakthrough/PySceneDetect/    ]
+#
+# Copyright (C) 2026 Brandon Castellano <http://www.bcastell.com>.
+# PySceneDetect is licensed under the BSD 3-Clause License; see the
+# included LICENSE file, or visit one of the above pages for details.
+#
+"""Generate a SHA256 audit manifest for the Windows release artifacts.
+
+Walks the pyinstaller output tree, the built MSI, and the portable ZIP
+(if present), hashes every file, and writes:
+
+    dist/PySceneDetect-X.Y.Z.manifest.json   - structured per-file manifest
+    dist/SHA256SUMS                          - flat sha256sum -c compatible
+
+Run after both `pyinstaller packaging/windows/scenedetect.spec` and the
+AdvancedInstaller MSI build have completed. Attach both outputs to the
+GitHub release so users can verify what they downloaded.
+"""
+
+import argparse
+import hashlib
+import json
+import re
+import sys
+import zipfile
+from datetime import datetime, timezone
+from pathlib import Path
+
+REPO_DIR = Path(__file__).resolve().parent.parent
+sys.path.insert(0, str(REPO_DIR))
+
+import scenedetect  # noqa: E402
+
+
+def msi_version(raw: str) -> str:
+    # Mirror scripts/bump_installer.py - the artifact filename uses the
+    # normalized X.Y.Z form, not the Python __version__ string.
+    parts = [re.split(r"[^\d]", p, maxsplit=1)[0] for p in raw.split(".")]
+    while len(parts) < 3:
+        parts.append("0")
+    return ".".join(parts[:4])
+
+
+VERSION = msi_version(scenedetect.__version__)
+DIST_DIR = REPO_DIR / "dist"
+PYINSTALLER_TREE = DIST_DIR / "scenedetect"
+MSI_PATH = REPO_DIR / "packaging" / "windows" / "installer" / f"PySceneDetect-{VERSION}-win64.msi"
+PORTABLE_ZIP = DIST_DIR / f"PySceneDetect-{VERSION}-portable.zip"
+
+CHUNK = 1 << 20  # 1 MiB
+
+
+def sha256_file(path: Path) -> str:
+    h = hashlib.sha256()
+    with path.open("rb") as f:
+        for block in iter(lambda: f.read(CHUNK), b""):
+            h.update(block)
+    return h.hexdigest()
+
+
+def hash_tree(root: Path) -> list[dict]:
+    entries = []
+    for path in sorted(p for p in root.rglob("*") if p.is_file()):
+        entries.append(
+            {
+                "path": path.relative_to(root).as_posix(),
+                "size": path.stat().st_size,
+                "sha256": sha256_file(path),
+            }
+        )
+    return entries
+
+
+def hash_zip_contents(zip_path: Path) -> list[dict]:
+    entries = []
+    with zipfile.ZipFile(zip_path) as zf:
+        for info in sorted(zf.infolist(), key=lambda i: i.filename):
+            if info.is_dir():
+                continue
+            h = hashlib.sha256()
+            with zf.open(info) as f:
+                for block in iter(lambda: f.read(CHUNK), b""):
+                    h.update(block)
+            entries.append(
+                {
+                    "path": info.filename,
+                    "size": info.file_size,
+                    "sha256": h.hexdigest(),
+                }
+            )
+    return entries
+
+
+def main() -> None:
+    parser = argparse.ArgumentParser(description=(__doc__ or "").splitlines()[0])
+    parser.add_argument(
+        "--out",
+        type=Path,
+        default=DIST_DIR / f"PySceneDetect-{VERSION}.manifest.json",
+        help="Path to the JSON manifest output.",
+    )
+    parser.add_argument(
+        "--sums",
+        type=Path,
+        default=DIST_DIR / "SHA256SUMS",
+        help="Path to the flat sha256sum-compatible output.",
+    )
+    args = parser.parse_args()
+
+    bundles: dict[str, dict] = {}
+    top_level: list[tuple[str, str]] = []  # (sha256, relpath) for SHA256SUMS
+
+    if PYINSTALLER_TREE.is_dir():
+        print(f"Hashing pyinstaller tree: {PYINSTALLER_TREE}")
+        bundles["pyinstaller_tree"] = {
+            "path": PYINSTALLER_TREE.relative_to(REPO_DIR).as_posix(),
+            "files": hash_tree(PYINSTALLER_TREE),
+        }
+    else:
+        print(f"WARNING: {PYINSTALLER_TREE} missing - skipping.")
+
+    if MSI_PATH.is_file():
+        print(f"Hashing MSI: {MSI_PATH}")
+        digest = sha256_file(MSI_PATH)
+        bundles["msi"] = {
+            "path": MSI_PATH.relative_to(REPO_DIR).as_posix(),
+            "size": MSI_PATH.stat().st_size,
+            "sha256": digest,
+        }
+        top_level.append((digest, MSI_PATH.name))
+    else:
+        print(f"WARNING: {MSI_PATH} missing - skipping.")
+
+    if PORTABLE_ZIP.is_file():
+        print(f"Hashing portable zip: {PORTABLE_ZIP}")
+        digest = sha256_file(PORTABLE_ZIP)
+        bundles["portable_zip"] = {
+            "path": PORTABLE_ZIP.relative_to(REPO_DIR).as_posix(),
+            "size": PORTABLE_ZIP.stat().st_size,
+            "sha256": digest,
+            "contents": hash_zip_contents(PORTABLE_ZIP),
+        }
+        top_level.append((digest, PORTABLE_ZIP.name))
+    else:
+        print(f"WARNING: {PORTABLE_ZIP} missing - skipping.")
+
+    if not bundles:
+        sys.exit("No artifacts found to hash.")
+
+    manifest = {
+        "version": VERSION,
+        "generated_at": datetime.now(timezone.utc).isoformat(timespec="seconds"),
+        "bundles": bundles,
+    }
+
+    args.out.parent.mkdir(parents=True, exist_ok=True)
+    args.out.write_text(json.dumps(manifest, indent=2) + "\n", encoding="utf-8")
+    print(f"Wrote {args.out}")
+
+    if top_level:
+        args.sums.write_text(
+            "".join(f"{sha}  {name}\n" for sha, name in top_level),
+            encoding="utf-8",
+        )
+        print(f"Wrote {args.sums}")
+
+
+if __name__ == "__main__":
+    main()