Merge branch 'main' into feature/karpathy-lab-init

Neiland85 · web-flow · commit ed2f6612ba29 · 2025-12-11T03:34:00.000+01:00
diff --git a/.github/workflows/ci-cd-fixed.yml b/.github/workflows/ci-cd-fixed.yml
diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -0,0 +1,21 @@
+name: CD – Deploy to Railway
+
+on:
+  push:
+    branches: [main]
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install Railway CLI
+        run: |
+          curl -fsSL https://railway.app/install.sh | sh
+
+      - name: Deploy to Railway
+        env:
+          RAILWAY_TOKEN: ${{ secrets.RAILWAY_TOKEN }}
+        run: railway up --ci
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -0,0 +1,24 @@
+name: CI - Lint
+
+on:
+  pull_request:
+    branches: [main]
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - name: Install linting tools
+        run: pip install black isort autoflake
+
+      - name: Run Black
+        run: black --check app
+
+      - name: Run isort
+        run: isort --check-only app
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -0,0 +1,29 @@
+name: CI – Security Scan
+
+on:
+  pull_request:
+    branches: [main]
+  push:
+    branches:
+      - "feature/**"
+
+jobs:
+  security:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - name: Install security tooling
+        run: pip install bandit safety
+
+      - name: Run Bandit
+        run: bandit -r app -ll
+
+      - name: Dependency vulnerability scan
+        run: safety check -r requirements.txt || true
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -0,0 +1,30 @@
+name: CI – Test Suite
+
+on:
+  pull_request:
+    branches: [main]
+  push:
+    branches:
+      - "feature/**"
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - name: Install dependencies
+        run: |
+          pip install --upgrade pip
+          pip install -r requirements.txt
+          pip install pytest pytest-asyncio pytest-cov
+
+      - name: Run unit tests
+        run: pytest -q --disable-warnings --maxfail=1
diff --git a/.gitignore b/.gitignore
@@ -61,3 +61,4 @@ safety-report.json
 NeuroBank-FastAPI-Toolkit-1/
 
 neurobank-fastapi.code-workspace
+neurobank-fastapi.code-workspace
diff --git a/app/config.py b/app/config.py
@@ -15,7 +15,7 @@ class Settings(BaseSettings):
     app_version: str = "1.0.0"
 
     # Server Configuration
-    host: str = "0.0.0.0"
+    host: str = "0.0.0.0"  # nosec B104
     port: int = int(os.getenv("PORT", 8000))
 
     # Environment Configuration
diff --git a/app/main.py b/app/main.py

Original file line number	Diff line number	Diff line change
`@@ -61,3 +61,4 @@ safety-report.json`
`61`	`61`	`NeuroBank-FastAPI-Toolkit-1/`
`62`	`62`
`63`	`63`	`neurobank-fastapi.code-workspace`
	`64`	`+neurobank-fastapi.code-workspace`