Fixed Linting issues

Author: claude

.claude/rules/copier/template-conventions.md

@@ -133,9 +133,9 @@ Every skill SKILL.md frontmatter must include a `description:` field with these
 name: skill-name
 description: >-
   <Primary purpose in one sentence.>
-  
+
   <When to use it / trigger keywords.>
-  
+
   <What it produces or outputs.>
 ---
 ```

.github/CLAUDE.md

@@ -13,8 +13,8 @@ the template itself, not the projects generated from it.
 | File | Trigger | Purpose |
 |---|---|---|
 | `tests.yml` | push/PR to main, manual | Full pytest suite across Python 3.11–3.13 matrix; uploads coverage |
-| `lint.yml` | push/PR to main | Ruff lint + format check + basedpyright type check |
-| `security.yml` | push/PR to main, weekly schedule | pip-audit dependency vulnerability scan |
+| `lint.yml` | push/PR to main | Ruff + basedpyright + root/template sync script + pre-commit (all files); docstrings via Ruff `D` in pyproject (same coverage as `just docs-check`) |
+| `security.yml` | push/PR to main, weekly schedule | CodeQL + pip-audit (same invocation as `just audit`: `uv run --with pip-audit pip-audit`) |
 | `dependency-review.yml` | PR | Review dependency changes for security issues |
 | `release.yml` | tag push (`v*`), manual (`workflow_dispatch`) | Bump version, create tag, publish GitHub Release |
 | `pre-commit-update.yml` | weekly schedule, manual | Auto-update pre-commit hook versions via PR |
@@ -55,8 +55,8 @@ before pushing a tag.
 
 | Meta-repo (here) | Generated projects (`template/.github/workflows/`) |
 |---|---|
-| `tests.yml` — tests the template rendering | `ci.yml` — tests the generated project's code |
-| `lint.yml` — lints meta-repo Python/tests | `lint.yml` — lints generated project code |
+| `tests.yml` — tests the template rendering | `ci.yml` — lint, typecheck, pre-commit, and pytest matrix for generated projects (aligns with `just ci`) |
+| `lint.yml` — lints meta-repo Python/tests | `lint.yml` — fast Ruff-only check; full gate is `ci.yml` (lint, types, pre-commit, tests) |
 | `security.yml` — audits meta-repo deps | `security.yml` — audits generated project deps (conditional) |
 | `release.yml` — releases the template | `release.yml` — releases the generated project (conditional) |
 | `file-freshness.yml` — tracks template file age | _(no equivalent)_ |

.github/workflows/lint.yml

@@ -1,6 +1,10 @@
 # Lint workflow — runs ruff (format + lint), basedpyright (type checking), and pre-commit
 # hooks on every push and PR.
 #
+# Docstring rules (D) are enforced by `ruff check` via pyproject `select`. The separate
+# `just docs-check` recipe is the same D-only pass for clearer local output; no extra
+# GitHub step is required for docstrings beyond this workflow's Ruff step.
+#
 # References:
 #   Ruff documentation:         https://docs.astral.sh/ruff/
 #   BasedPyright:               https://docs.basedpyright.com/

.github/workflows/security.yml

@@ -70,4 +70,4 @@ jobs:
         run: uv sync --frozen --extra dev
 
       - name: Run pip-audit
-        run: uv export --frozen --format requirements-txt --extra dev | uvx pip-audit --requirement /dev/stdin
+        run: uv export --frozen --format requirements-txt --extra dev | uv run --with pip-audit pip-audit --requirement /dev/stdin

CLAUDE.md

@@ -87,12 +87,14 @@ the justfile handles the correct flags and order.
 just ci
 ```
 
-This runs: `fix` → `fmt` → `ci-check`.
+This runs: `fix` → `ci-check`.
 
 `ci-check` bundles: `uv sync --frozen`, `fmt-check`, `ruff check`, `basedpyright`,
-`docs-check`, `test-ci` (pytest + coverage XML), `pre-commit --all-files`, `audit` (pip-audit).
+`sync-check`, `docs-check` (D-only; redundant with `ruff check` for enforcement), `test-ci`
+(pytest + coverage XML), `pre-commit run --all-files --verbose`, `audit` (pip-audit).
 
-All steps must pass before a PR is mergeable.
+Together, `lint.yml` + `tests.yml` + `security.yml` mirror these checks on GitHub (CodeQL is
+GHA-only). All steps must pass before a PR is mergeable.
 
 ## Generating a test project from the template
 

justfile

@@ -64,7 +64,7 @@ type:
 
 # -------------------------------------------------------------------------
 # Testing
-# 
+#
 # Default: Minimal logging (quiet mode, dots only, warnings/errors only)
 # For verbose output with test names, use: just test-verbose
 # For full debug output, use: just test-debug

template/.github/workflows/ci.yml.jinja

@@ -35,7 +35,7 @@ jobs:
       - uses: actions/checkout@v6
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v8
+        uses: astral-sh/setup-uv@v8.0.0
         with:
           enable-cache: true
 
@@ -46,10 +46,10 @@ jobs:
         run: uv sync --frozen --extra dev --extra test{% if include_docs %} --extra docs{% endif %}
 
       - name: Run Ruff (format check)
-        run: uv run ruff format --check .
+        run: uv run ruff format --check src tests
 
       - name: Run Ruff (lint)
-        run: uv run ruff check .
+        run: uv run ruff check src tests
 
   typecheck:
     name: Type Check
@@ -58,7 +58,7 @@ jobs:
       - uses: actions/checkout@v6
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v8
+        uses: astral-sh/setup-uv@v8.0.0
         with:
           enable-cache: true
 
@@ -71,6 +71,26 @@ jobs:
       - name: Run BasedPyright
         run: uv run basedpyright
 
+  precommit:
+    name: Pre-commit
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v8.0.0
+        with:
+          enable-cache: true
+
+      - name: Set up Python
+        run: uv python install {{ python_min_version }}
+
+      - name: Install dependencies
+        run: uv sync --frozen --extra dev --extra test{% if include_docs %} --extra docs{% endif %}
+
+      - name: Pre-commit (all files)
+        run: uv run pre-commit run --all-files --verbose
+
   test:
     name: Test (Python {% raw %}${{ matrix.python-version }}{% endraw %})
     runs-on: ubuntu-latest
@@ -83,7 +103,7 @@ jobs:
       - uses: actions/checkout@v6
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v8
+        uses: astral-sh/setup-uv@v8.0.0
         with:
           enable-cache: true
 
@@ -107,13 +127,13 @@ jobs:
 
   check:
     name: All Checks Passed
-    needs: [lint, typecheck, test]
+    needs: [lint, typecheck, precommit, test]
     runs-on: ubuntu-latest
     if: always()
     steps:
       - name: Check results
         run: |
-          if {% raw %}[[ "${{ needs.lint.result }}" != "success" || "${{ needs.typecheck.result }}" != "success" || "${{ needs.test.result }}" != "success" ]]{% endraw %}; then
+          if {% raw %}[[ "${{ needs.lint.result }}" != "success" || "${{ needs.typecheck.result }}" != "success" || "${{ needs.precommit.result }}" != "success" || "${{ needs.test.result }}" != "success" ]]{% endraw %}; then
             echo "One or more checks failed"
             exit 1
           fi

template/.github/workflows/lint.yml.jinja

@@ -42,7 +42,7 @@ jobs:
         run: uv sync --frozen --extra dev --extra test{% if include_docs %} --extra docs{% endif %}
 
       - name: Ruff format (check)
-        run: uv run ruff format --check .
+        run: uv run ruff format --check src tests
 
       - name: Ruff lint
-        run: uv run ruff check .
+        run: uv run ruff check src tests

template/.github/workflows/security.yml.jinja

@@ -82,4 +82,4 @@ jobs:
         run: uv sync --frozen --extra dev
 
       - name: Run pip-audit
-        run: uv export --frozen --format requirements-txt --extra dev | uvx pip-audit --requirement /dev/stdin
+        run: uv export --frozen --format requirements-txt --extra dev | uv run --with pip-audit pip-audit --requirement /dev/stdin

template/CLAUDE.md.jinja

@@ -131,7 +131,7 @@ Load a skill by reading its `SKILL.md`: e.g. `.claude/skills/tdd-workflow/SKILL.
 
 A feature or fix is **done** when all of the following are true:
 
-1. `just ci` passes with zero errors (lint → types → docstrings → tests → pre-commit).
+1. `just ci` passes with zero errors (lint → types → docstrings → `test-ci` → pre-commit; matches `.github/workflows/ci.yml`).
 2. Every new public function/class/method has a Google-style docstring (Args/Returns/Raises where applicable).
 3. Every new function/method has complete type annotations (parameters + return type).
 4. At least one test case covers each new public symbol.