Automation: Direction

[github-actions]

Last generated: 2026-01-22T18:24:54.064Z
Provider: openai
Model: gpt-5.2

Summary

Bring the repo’s automation to a “reliable Python package” baseline: deterministic CI (lint + tests), security/licensing hygiene, and release automation. Keep changes small and low-risk, focusing on preventing regressions and reducing manual work for maintainers.

Direction (what and why)

1. Stabilize CI around a modern Python toolchain
   The repo appears small (single package proxy_middleware/, setup.py) and likely lacks strong test/QA automation. Add a minimal CI matrix (supported Python versions), run unit tests, and enforce formatting/linting to catch issues early.

2. Add packaging and dependency hygiene checks
   Ensure pip install . works, metadata is valid, and sdists/wheels build in CI. This prevents release-time breakages.

3. Remove/contain large binary artifacts from normal workflows
   bfg-1.15.0.jar (~14MB) in-repo increases checkout time and can complicate security scanning and artifact policies. If it’s not required at runtime, it should be moved to release assets or fetched on-demand in workflows.

Plan (next 1–3 steps)

Step 1 — Add a minimal, deterministic CI workflow

Create/adjust: .github/workflows/ci.yml

• Trigger on pull_request + push to master.
• Use actions/setup-python with a small matrix (e.g., 3.9, 3.10, 3.11, 3.12), unless project constraints require older.
• Install with pip install -U pip then:
  • pip install -e .[test] if you add extras, otherwise pip install -e . + install test deps.
• Run:
  • python -m compileall proxy_middleware
  • python -m pip check
  • python -m pytest -q (after adding pytest scaffolding; see Step 2)

Concrete additions:

• Add pyproject.toml (tool configs only; keep setup.py for now) with:
  • tool.ruff (lint)
  • tool.pytest.ini_options
• Add requirements-dev.txt (or extras_require in setup.py) for pytest, ruff.

Step 2 — Add baseline tests + linting (fast, high-signal)

Files to add:

• tests/test_imports.py:
  • Import proxy_middleware and key modules to catch missing imports (this repo already had a “missing import” release fix).
• tests/test_rules_json.py (if rules.json is consumed by the package):
  • Validate it’s valid JSON and conforms to minimal expectations (e.g., required keys exist).
• Configure ruff (or flake8) and run it in CI:
  • Add .github/workflows/ci.yml step: python -m ruff check .

This keeps the suite cheap while preventing the most common breakages.

Step 3 — Address the large bfg-1.15.0.jar artifact

Decide one of these (pick the least disruptive):

• Preferred: Remove from repo and fetch in workflows only when needed.
  • Add a small script under scripts/fetch_bfg.sh (or python) used only in a specific workflow job.
• If it must remain: Ensure CI does not package it.
  • Verify MANIFEST.in does not include it.
  • Add CI step: python -m build and inspect that the jar isn’t included in sdist/wheel.
• Add documentation note in README.rst about why/how BFG is used (if still needed).

Risks/unknowns

• Supported Python versions: No explicit classifiers seen from the provided listing. Confirm intended runtime versions before enforcing a strict matrix.
• Test dependencies: Repo currently may not have a test framework; introducing pytest is low-risk but still a change in contributor workflow.
• Purpose of bfg-1.15.0.jar: If it’s required for some maintenance process, removing it could disrupt that process. Validate usage via git grep bfg and workflow references.
• Existing workflows: The commit message suggests workflows were “synced”; ensure new CI doesn’t conflict with existing .github/workflows/*.

Suggested tests

Add and run locally + in CI:

1. Imports smoke test
   • pytest -q tests/test_imports.py
2. Rules JSON validation
   • pytest -q tests/test_rules_json.py
3. Lint
   • ruff check .
4. Packaging sanity
   • python -m pip install build
   • python -m build
   • python -m twine check dist/* (optional but recommended)

Verification checklist (quick)

• CI runs on PRs and on master pushes
• pip install . succeeds in CI on all matrix versions
• pytest passes
• ruff passes (or is configured with explicit ignores)
• python -m build succeeds; produced artifacts don’t accidentally include bfg-1.15.0.jar
• If BFG is needed, there is a documented, reproducible way to obtain it without committing binaries