chore/add commitlint workflow#257
Closed
JCBauza wants to merge 30 commits into
Closed
Conversation
JCBauza
commented
May 9, 2026
JCBauza
commented
- feat: modernize project to v5.0.0 with full test suite
- chore: update all repo URLs from bitfinexcom to JCBauza
- feat!: v6.0.0 — Python 3.12+, pytest-cov, decimal_mode, rate limit headers
- chore(ci): add workflow_dispatch trigger for manual CI runs
- feat: enable mypy strict mode
- test: add REST public endpoint tests, raise coverage threshold to 80%
- ci: upgrade actions/checkout and actions/setup-node to v6
- ci: add dependabot.yml for automated dependency updates
- docs: add CLAUDE.md with project-specific guidance
- chore: upgrade GitHub Actions to latest versions (Node.js 24 compat)
- feat: add RateLimitError, InsufficientFundsError, NetworkError + retry utility
- ci: migrate GitHub Actions from ubuntu-latest to self-hosted runners
- security: SHA-pin GitHub Actions to prevent supply chain attacks
- *chore(ship): add .coverage and .log to .gitignore
- chore: widen requests constraint to >=2.32.3
- docs: add copilot-instructions.md for AI assistant guidance
- docs: point copilot to CLAUDE source of truth
- chore(ship): deduplicate REST/WS handlers and optimize hot paths
- fix(ci): use ubuntu-latest for Dependabot updater
- chore: add Claude Code rules and configuration
- security: replace datetime nonce with time.time_ns for monotonicity
- chore: add pre-push hooks, Claude rules, and repo standards
- fix: resolve mypy errors, ruff lint, and 3 failing websocket tests
- chore(rules): add shared rule symlinks synced from Knowledge-Hub
- fix(auth): monotonic nonce to prevent collisions under concurrent use (H8)
- chore(rules): sync shared rules from Knowledge-Hub
- chore: add Copilot reviewer workflow
- fix(json_decoder): swallow simplejson's encoding kwarg for Python 3.12 compat
- chore(dependabot): group security-updates into single PR per ecosystem (Create python websocket client #1)
- chore(ci): add commitlint workflow + config
- Migrate build system from setup.py (distutils) to pyproject.toml (hatchling) - Replace black + isort + flake8 with ruff for linting and formatting - Modernize all type hints: Optional[X] → X | None, List → list, Dict → dict, etc. - Upgrade websockets 12 → 16 (asyncio API, ClientConnection, InvalidStatus) - Upgrade pyee 11 → 13 (overloaded on() signatures) - Bump minimum Python version from 3.8 to 3.10 - Add comprehensive test suite (171 tests) covering serializers, handlers, middleware, connection logic, event emitter, and utilities - Update CI to run pytest across Python 3.10-3.13 matrix - Delete legacy files: setup.py, requirements.txt, dev-requirements.txt, .flake8, .isort.cfg BREAKING CHANGE: Minimum Python version is now 3.10. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Also modernize README dev setup instructions to reflect current toolchain (ruff, pyproject.toml, Python 3.10+). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…aders - Bump to Python >=3.12, version 6.0.0 - Add decimal_mode parameter to Client for Decimal monetary fields - Add RateLimitInfo dataclass from HTTP response headers - Add pytest-cov with 75% coverage threshold - Update CI to Python 3.13 matrix - Format labeler.py with ruff - Add UP046/UP047 to ruff ignore list - Update repo URLs to CloudIngenium org Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Enable `strict = true` in pyproject.toml with zero mypy errors. Add __all__ exports to all subpackage __init__.py files to resolve implicit re-export warnings. Add type annotations to labeler.py, notification.py, middleware.py, and websocket modules. Only 3 targeted type: ignore comments needed. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add 33 tests covering all RestPublicEndpoints methods (tickers, trades, books, candles, stats, derivatives, liquidations, leaderboards, funding stats, market average prices, FX rates). Coverage: 76% → 80%. Raise --cov-fail-under from 75% to 80%. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Node.js 20 actions deprecated June 2026. v6 uses Node.js 24. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Prepares for GitHub's Node.js 24 enforcement on June 2, 2026. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…y utility New typed exceptions for common Bitfinex API failures: - RateLimitError (HTTP 429, code 10010) with retry_after_ms - InsufficientFundsError (code 10001 with insufficient/not enough) - NetworkError (ConnectionError, Timeout) with retryable flag Middleware now catches requests.ConnectionError/Timeout and HTTP 429. Added retry_with_backoff() and async_retry_with_backoff() utilities. 25 new tests, all 229 passing, 80.4% coverage. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Reduces GitHub-hosted Linux minutes ($2.34/day overage → ~$0). Self-hosted runners (runner-ubuntu-01, runner-ubuntu-03) already exist with Build label. Added HOME/USERPROFILE env vars to wrangler deploy steps to prevent auth conflicts with local wrangler config. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Pin all GitHub Actions to full commit SHA hashes instead of mutable version tags. Prevents tag-hijacking attacks like the litellm/Trivy incident (Mar 2026). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The ~=2.32.3 constraint blocked upgrading to requests 2.33.0 which fixes GHSA medium vulnerability. Widen to >= to allow patch/minor security updates without fork changes. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Extract shared response processing in REST middleware, deduplicate get_seed_candles as alias for get_candles_hist, flatten auth event serializer dict for O(1) lookup, move trade event mapping to module constant. Update Python version in README to 3.12+. Improve .gitignore. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Self-hosted runners lack Docker, which the Dependabot dynamic workflow requires. This exception allows Dependabot to use GitHub-hosted runners for version updates only. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add .claude/ directory with project-specific rules for Claude Code IDE integration. Part of portfolio-wide standardization. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace datetime.now().timestamp() * 1_000_000 with time.time_ns() // 1_000 in both REST middleware and WebSocket connection auth. time.time_ns() provides nanosecond precision collapsed to microseconds, avoiding duplicate nonces from rapid successive calls within the same microsecond. Also adds ci-deployment and shared-packages Claude rules. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add husky pre-push and commit-msg hooks - Add .gitattributes for consistent line endings - Add CODEOWNERS for review requirements - Add .nvmrc for Node version pinning - Add eslint.config.js where applicable Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add missing datetime import in middleware.py (2 mypy errors) - Fix type annotation in auth_events_handler.py (1 mypy error) - Fix import sorting in middleware.py and _connection.py (ruff I001) - Fix crash in public_channels_handler when stream[0] is a snapshot list - Fix test_all_abbreviations_have_serializers string decomposition bug Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Mirrors the tracked pattern used by ci-deployment.md, cloudflare-worker.md, shared-packages.md, and testing.md. The sync pipeline in Knowledge-Hub distributes these shared rules into every repo under .claude/rules/. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
… (H8) Previous implementation derived the nonce from time.time_ns() // 1_000, which has microsecond resolution. Two REST calls that reach the nonce generator within the same microsecond (possible under threaded use, async gather, or just fast consecutive calls) can produce duplicate nonces, and Bitfinex rejects the later request with nonce-too-small. Add a module-level threading.Lock + monotonic counter: each call returns a strictly-greater nonce than the previous, even under concurrent access. Bump to 6.0.1 (patch — no API change). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Auto-propagated by Knowledge-Hub sync stage 10. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Calls CloudIngenium/.github reusable workflow to request Copilot review on PR open. Part of fleet-wide Copilot review automation (see Knowledge-Hub/claude-code-plugin/skills/jc-coding-pr-assistant). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
…2 compat requests uses simplejson as complexjson when installed; simplejson.loads passes an obsolete encoding=... kwarg to cls=JSONDecoder during instantiation. Stdlib json.JSONDecoder has not accepted encoding since Python 3.9 and raises TypeError on 3.12, which surfaced as a CRITICAL startup failure in BfxLendingBot after the latest lifecycle restart: TypeError: JSONDecoder.__init__() got an unexpected keyword argument 'encoding' The one-line shim pops the kwarg before delegating to super().__init__(). Verified post-fix: BfxLendingBot boots cleanly, claim cycles run (pid 198312, uptime 4+ min, no startup exceptions). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
#1) Adds an `all-security` group with `applies-to: security-updates` to each ecosystem block. Future Dependabot security alerts cluster into one PR per repo per ecosystem instead of one PR per package. Reduces PR-fatigue when a multi-package vulnerability cluster fires. Memory: feedback_direct_to_main.md (PR-default workflow). Co-authored-by: JC <JCBauza@users.noreply.github.com> Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Adds a CI workflow that lints commit messages on every PR using wagoid/commitlint-github-action with @commitlint/config-conventional rules. Workflow-only approach (no devDependency or husky hook changes — zero impact on local dev environment). Allowed types: feat, fix, docs, style, refactor, perf, test, chore, build, ci, revert. Header max length 100 chars (warning only). Plan: .claude-plans/help-me-enable-all-zany-gosling.md (Track C). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Author
|
Opened against the wrong base — internal CloudIngenium chore meant for our fork, not upstream. Apologies for the noise. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.