Skip to content

Remove vendored shims and harden deployment pipeline #22

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
danielpmadden wants to merge 2 commits into from
Closed

Remove vendored shims and harden deployment pipeline #22

danielpmadden wants to merge 2 commits into from

Conversation

@danielpmadden
Copy link
Owner

@danielpmadden danielpmadden commented Oct 19, 2025

Summary

  • remove the in-tree requests/ and nacl/ shims, keep results/ empty, and tighten ignore rules with tracked placeholders
  • align dependency metadata on real PyPI packages, add Prometheus/PyNaCl requirements, and support offline Docker builds via a wheelhouse
  • harden configuration samples, docker-compose defaults, and CI to enforce coverage, secret scanning, and security tooling

Testing

  • pytest --maxfail=1 --disable-warnings -q
  • black --check . (fails: repository still carries legacy formatting debt)
  • ruff check . (fails: repository has existing lint violations)
  • pip-audit --requirement requirements.txt (fails: pip-audit unavailable in sandbox)
  • bandit -r reconscript (fails: bandit unavailable in sandbox)

https://chatgpt.com/codex/tasks/task_e_68f47bbbcbf48332b1cb14c302d19d33

@danielpmadden danielpmadden force-pushed the codex/audit-and-prepare-reconscript-for-deployment branch from 4e8a13f to 3e787c0 Compare October 19, 2025 06:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

codex

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@danielpmadden