Add OSS project infrastructure and CI/CD #1
Merged
Establish open-source best-practice tooling for the SDK, modeled on mature Python SDKs (Stripe et al.).

CI/CD (GitHub Actions):
- ci.yml: ruff lint + format gate and mypy on 3.12; pytest with coverage across Python 3.10-3.13; single `CI` status check for branch protection.
- release.yml: build + twine check + publish to PyPI on GitHub Release via Trusted Publishing (OIDC, no stored secrets); verifies tag matches version.
- codeql.yml: weekly + per-PR security/quality scanning.

Repo automation & community health:
- dependabot.yml for pip and github-actions (grouped, weekly).
- Issue forms (bug/feature) + config, PR template, CONTRIBUTING, SECURITY.

Developer tooling:
- .pre-commit-config.yaml mirroring the CI lint/format gates.
- Makefile wrapping install/lint/format/typecheck/test/check/build.

pyproject:
- Version is now dynamic, sourced from src/senderkit/_version.py (single source of truth) instead of a duplicated literal.
- Coverage config (branch, fail_under=85); stricter pytest opts.
- Add pytest-cov, pre-commit, build, twine to the dev extra.

Also normalized formatting across the codebase with `ruff format` so the new CI format gate passes (no behavioral changes).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
The CODE_OF_CONDUCT.md file will be added separately. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Add code of conduct
Job-level `permissions:` replaces the top-level block rather than merging, so the analyze job only had `security-events: write` and its token could not read the repo — actions/checkout failed with "Repository not found". List the full scope set CodeQL needs. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
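The replace-not-merge behaviour described in the commit above, as an added example that is not part of the PR's code. The workflow dicts are constructed stand-ins for parsed YAML, and the top-level `contents: read` block and the CodeQL scope set are assumptions, since the page does not list them.

```python
# Added example: model how GITHUB_TOKEN scopes resolve for one job.
RANK = {"none": 0, "read": 1, "write": 2}

# Assumption: the scope set the analyze job needs (the page does not list it).
CODEQL_NEEDS = {"security-events": "write", "actions": "read", "contents": "read"}


def granted(workflow, job, scope):
    """Level of `scope` on the job's token; None if the repo default applies."""
    job_def = workflow["jobs"][job]
    if "permissions" in job_def:
        block = job_def["permissions"]   # replaces the top-level block wholesale
    elif "permissions" in workflow:
        block = workflow["permissions"]
    else:
        return None                      # governed by the repository/org setting
    if isinstance(block, str):           # `read-all` / `write-all` shorthands
        return block.split("-")[0]
    return block.get(scope, "none")      # any unlisted scope is set to none


def missing_scopes(workflow, job, required):
    """Scopes in `required` that the job's explicit permissions do not cover."""
    missing = []
    for scope, need in required.items():
        have = granted(workflow, job, scope)
        if have is not None and RANK[have] < RANK[need]:
            missing.append(f"{scope}: {need} (has {have})")
    return sorted(missing)


# Constructed sample: the job-level block silently drops top-level contents: read.
BROKEN = {
    "permissions": {"contents": "read"},
    "jobs": {"analyze": {"permissions": {"security-events": "write"}}},
}
# Constructed sample: every needed scope restated at job level.
FIXED = {
    "permissions": {"contents": "read"},
    "jobs": {"analyze": {"permissions": dict(CODEQL_NEEDS)}},
}

if __name__ == "__main__":
    for name, wf in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, missing_scopes(wf, "analyze", CODEQL_NEEDS))
```

A check like this belongs in review of any workflow that narrows permissions per job, because the checkout failure only appears at run time.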
Version/Python (PyPI), CI status, license, and ruff/mypy quality badges for at-a-glance trust signals. The PyPI badges populate on first publish. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
- README: add CodeQL workflow-status and Codecov coverage badges; drop the static MIT license badge.
- ci.yml: upload coverage.xml to Codecov from each matrix job (flagged per Python version). Non-fatal if upload fails so CI stays green.

Codecov badge/upload activate once the repo is added on codecov.io and the CODECOV_TOKEN secret is set.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Summary
Establishes open-source best-practice tooling for the SDK, modeled on mature Python SDKs (Stripe et al.). No changes to runtime behavior — this is infrastructure, automation, and a formatting normalization.
CI/CD (GitHub Actions)
- `ci.yml` — `ruff check` + `ruff format --check` + `mypy` on 3.12; `pytest` with coverage across Python 3.10–3.13; a single aggregate `CI` status check to point branch protection at.
- `release.yml` — build → `twine check` → publish to PyPI on a published GitHub Release via Trusted Publishing (OIDC) — no stored tokens. Guards that the release tag matches the package version.
- `codeql.yml` — security/quality scanning per-PR and weekly.

Repo automation & community health
- `dependabot.yml` — grouped weekly updates for `pip` and `github-actions`.

Developer tooling
- `.pre-commit-config.yaml` mirroring the CI lint/format gates.
- `Makefile` wrapping `install/lint/format/typecheck/test/check/build`.

pyproject.toml
- `src/senderkit/_version.py` (single source of truth) instead of a duplicated literal.
- `fail_under = 85`) + stricter pytest opts.
- `pytest-cov`, `pre-commit`, `build`, `twine` to the `dev` extra.

Reviewer notes
- `src/` and `tests/` are purely `ruff format` normalization (the hand-written code had never been formatted) — needed so the new format gate is green. No logic changed.
- `ruff check`, `ruff format --check`, `mypy src`, `pytest` (61 passed, 89.8% coverage), `python -m build`, and `twine check` all pass.

One-time setup required (maintainer, not in this PR)
- `release.yml` → environment `pypi`, so `release.yml` can publish.
- `main` at the `CI` check.

🤖 Generated with Claude Code