Comprehensive Template Modernization - CI/CD, Modern Python Tooling, and Best Practices #2
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Replace [INSERT CONTACT METHOD] with community@cloudzero.com for reporting Code of Conduct violations. This completes the template and provides a clear contact point for community enforcement issues.
Change all references from README-sample.md to README-template.md to match the actual filename in the repository. This ensures users can correctly locate and use the template file.
Replace external Auth0 repository links with relative paths to CloudZero's contribution guidelines and code of conduct. This ensures the template is self-contained and works correctly when forked.
Add security policy file with guidelines for reporting security vulnerabilities. Directs reporters to security@cloudzero.com and provides template for what information to include in reports.
Remove the year (2023) from the copyright notice as years are no longer required in copyright statements and removing them reduces maintenance overhead.
- Update minimum Python version to 3.11 - Add support for Python 3.11, 3.12, 3.13 - Add build-system configuration (PEP 517/518) - Add project.urls for better package metadata - Add optional-dependencies for dev, test, and lint - Add tool configurations for pytest, coverage, black, ruff, and mypy - Set modern linting and formatting standards
Replace placeholder text with detailed contribution guidelines including: - Complete environment setup instructions for Python and JavaScript - Comprehensive testing guidelines and coverage requirements - Code quality tools configuration (Black, Ruff, mypy, ESLint, Prettier) - Code style guidelines and commit message conventions - CI/CD information and how to pass checks - Detailed PR guidelines and review process - Pre-commit hooks setup - Assets compilation instructions Also fix outdated GitHub link to use relative path.
- Remove Black from all dependencies and tool configurations - Add Ruff formatter configuration to replace Black - Switch from pip/venv to uv for Python package management - Update all Python commands to use uv (uv run, uv sync, uv build) - Add data dependencies with pandas (preferred over polars) - Update CONTRIBUTING.md with uv installation and usage instructions - Document that pandas is preferred for data projects Benefits: - Ruff handles both linting and formatting (single tool) - uv provides faster package resolution and installation - Consistent tooling recommendations across projects
Add optional dependencies and documentation for preferred libraries: - httpx for HTTP clients (prefer over requests) - pydantic 2 for data validation - aws-lambda-powertools for AWS Lambda projects - pandas for data manipulation (already documented) These recommendations ensure consistency across CloudZero projects and promote modern, well-maintained libraries with better performance and type safety.
Change preferred data manipulation library from pandas to polars: - Update pyproject.toml data dependency to polars>=0.20.0 - Update CONTRIBUTING.md to recommend polars over pandas Polars provides better performance and a more modern API for data manipulation tasks.
Remove mypy from all configurations as it's not part of the recommended tooling stack: - Remove from dev and lint optional dependencies - Remove from uv dev-dependencies - Remove [tool.mypy] configuration section - Remove type checking instructions from CONTRIBUTING.md - Remove type checking from CI/CD pipeline description Projects can still use type hints without mypy enforcement. Ruff provides basic type checking through its linting rules.
Add GitHub Actions workflows: - Python CI with uv, Ruff formatting/linting, pytest with 60% coverage - JavaScript CI with npm, Prettier, ESLint, Jest with 60% coverage - CodeQL security scanning for Python and JavaScript - Dependabot auto-merge for approved PRs Update configuration files: - .gitignore: Add uv, Ruff, Node.js, macOS, Rust entries; update copyright - CHANGELOG.md: Add Keep a Changelog template with semantic versioning - CODEOWNERS: Expand to @cloudzero/open-source-maintainers with detailed patterns - package.json: Add engines, scripts, devDependencies, bugs/homepage URLs - .npmignore: Add actual content for excluding dev files from npm packages All changes support modern development workflows and best practices.
Add GitHub Issue Forms: - YAML-based bug report and feature request templates - Issue template config with support links - Improved structure and validation Add Release Management: - release.yml for automated changelog categorization - Labels configuration for consistent issue/PR labeling - Categories for features, bugs, docs, maintenance, security Add Docker Support: - Multi-stage Dockerfile using uv for Python applications - .dockerignore for efficient builds - docker-compose.yml with development setup Add Project Tooling: - Makefile with common development tasks - Support for install, test, lint, format, build, docker commands - Clean targets for artifact removal Add Legal/Compliance: - NOTICE file with copyright and third-party attributions - Updated LICENSE copyright to include "All Rights Reserved" - Consistent copyright notices across project Update Configuration: - pyproject.toml: Add 60% minimum coverage requirement - dependabot.yaml: Add npm ecosystem support All additions support modern open source best practices and streamline development workflows.
silvexis
deleted the
claude/code-review-template-01UXFbM5TpFwUntpvX5dxSxg
branch
Greptile Summary
Confidence Score: 3/5
Important Files Changed
|
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
There was a problem hiding this comment.
Additional Comments (1)
-
.github/dependabot.yaml, line 12-13 (link)logic: pip ecosystem configured for root
/but Python files are inpython/subdirectory. JavaScript correctly uses/javascript
27 files reviewed, 6 comments
Edit Code Review Agent Settings | Greptile
React with 👍 or 👎 to share your feedback on this new summary format
| run: uv python install ${{ matrix.python-version }} | ||
|
|
||
| - name: Install dependencies | ||
| run: uv sync --extra dev |
There was a problem hiding this comment.
logic: workflow assumes pyproject.toml at repo root, but template has it in python/ subdirectory. Add working-directory: python or adjust paths
| cache: 'npm' | ||
|
|
||
| - name: Install dependencies | ||
| run: npm ci |
There was a problem hiding this comment.
logic: workflow assumes package.json at repo root, but template has it in javascript/ subdirectory. Add working-directory: javascript or adjust npm commands
Comment on lines
+15
to
+16
| # Copy dependency files | ||
| COPY pyproject.toml ./ |
There was a problem hiding this comment.
logic: copies pyproject.toml from root but template structure has it in python/ subdirectory. Adjust paths or document expected structure
Suggested change
| # Copy dependency files | |
| COPY pyproject.toml ./ | |
| COPY python/pyproject.toml ./pyproject.toml | |
| COPY python/README.md ./README.md |
|
|
||
| # Python: Install production dependencies | ||
| install: | ||
| uv sync |
There was a problem hiding this comment.
style: Makefile assumes Python project at root level but template has python/ subdirectory. Consider adding targets that work from root or document structure
Comment on lines
+126
to
+127
| - New code should have at least 80% test coverage | ||
| - Critical paths should have 100% coverage |
There was a problem hiding this comment.
logic: test coverage requirement is 80% here but pyproject.toml sets fail_under = 60 and CI workflow uses --cov-fail-under=60. Align these requirements
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What's in this PR:
Major Additions:
Modernizations: