Merge main

Author: docktermj

.claude/CLAUDE.md

@@ -0,0 +1,68 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Project Overview
+
+This repository contains a Senzing Governor plugin that monitors PostgreSQL transaction ID (XID) age. When XID age exceeds a high watermark, it pauses processing threads until the age drops below a low watermark (achieved via PostgreSQL VACUUM).
+
+## Build and Development Commands
+
+This project uses `pyproject.toml` with setuptools and requires Python >= 3.10.
+
+```bash
+# Install dependencies (using uv, pip, or similar)
+uv sync --group all           # All dependency groups
+uv sync --group development   # Development dependencies only
+uv sync --group lint          # Linting tools only
+uv sync --group test          # Test dependencies only
+
+# Run unit tests
+python -m pytest src/senzing_governor_unit_test.py
+python -m unittest src/senzing_governor_unit_test.py
+
+# Run linters (configured in pyproject.toml)
+black --check src/
+isort --check src/
+flake8 src/
+pylint src/
+mypy src/
+bandit -r src/
+
+# Build package
+python -m build
+```
+
+## Code Architecture
+
+The entire implementation is in `src/senzing_governor.py`:
+
+- **`Governor` class**: The main class implementing the governor pattern
+  - `__init__()`: Configures watermarks, intervals, and database connections from environment variables or parameters
+  - `govern()`: Called by worker threads; checks XID age periodically and returns wait time (uses thread locking)
+  - `close()`: Closes database connections
+  - Supports Python context manager protocol (`with` statement)
+
+- **Watermark behavior**: Uses a stepped wait-time function based on ratio between current XID and watermarks. When above high watermark, returns -1.0 to signal system trouble.
+
+- **Database URL parsing**: Custom parsing handles complex PostgreSQL URLs with special characters; extracts from `SENZING_GOVERNOR_DATABASE_URLS`, `SENZING_DATABASE_URL`, or `SENZING_ENGINE_CONFIGURATION_JSON`.
+
+## Key Environment Variables
+
+- `SENZING_GOVERNOR_DATABASE_URLS`: PostgreSQL connection URLs (comma-separated for multiple DBs)
+- `SENZING_GOVERNOR_POSTGRESQL_HIGH_WATERMARK`: Default 1,500,000,000
+- `SENZING_GOVERNOR_POSTGRESQL_LOW_WATERMARK`: Default 1,200,000,000
+- `SENZING_GOVERNOR_INTERVAL`: Check interval (default 100,000 records)
+- `SENZING_GOVERNOR_LIST_SEPARATOR`: URL list separator (default comma)
+
+## Testing
+
+- `src/senzing_governor_unit_test.py`: Unit tests for `get_wait_time()` method
+- `src/senzing_governor_tester.py`: Integration test with multi-threaded example
+- `src/senzing_governor_tester_context_manager.py`: Context manager usage example
+
+## Code Style
+
+- Line length: 120 characters (black, flake8)
+- Import sorting: isort with black profile
+- Type checking: mypy with several error codes disabled (see pyproject.toml)

.claude/commands/senzing-code-review.md

@@ -0,0 +1,3 @@
+# Senzing
+
+- Perform the steps specified by <https://raw.githubusercontent.com/senzing-factory/claude/refs/tags/v1/commands/senzing.md>

.claude/commands/senzing.md

@@ -1,4 +1,4 @@
- # Default code owner
+# Default code owner
 
 * @Senzing/senzing-community
 

.claude/settings.local.json .claude/settings.json.claude/settings.local.json renamed to .claude/settings.json

@@ -3,11 +3,15 @@
 
 version: 2
 updates:
-  - package-ecosystem: "github-actions"
-    directory: "/"
+  - package-ecosystem: github-actions
+    cooldown:
+      default-days: 21
+    directory: /
     schedule:
-      interval: "daily"
-  - package-ecosystem: "pip"
-    directory: "/"
+      interval: daily
+  - package-ecosystem: pip
+    cooldown:
+      default-days: 21
+    directory: /
     schedule:
-      interval: "daily"
+      interval: daily

.github/CODEOWNERS

@@ -1,6 +1,4 @@
 {
-  "ignore": [
-    "**/src/**"
-  ],
+  "ignore": ["**/src/**"],
   "threshold": 15
-}
+}

.github/dependabot.yml

@@ -0,0 +1,59 @@
+# Linters
+
+## .checkov.yaml
+
+- [.checkov.yaml]
+- Used by [lint-workflows.yaml]
+- [checkov]
+  - [checkov configuration]
+
+## .jscpd.json
+
+- [.jscpd.json]
+- Used by [lint-workflows.yaml]
+- [jscpd]
+  - [jscpd configuration]
+  - Example:
+
+    ```json
+    {
+      "ignore": ["**/*.py,**/python-test*.yaml"],
+      "threshold": 10
+    }
+    ```
+
+## .yaml-lint.yml
+
+- [.yaml-lint.yml]
+- Used by [lint-workflows.yaml]
+- [yaml-lint]
+  - [yaml-lint configuration]
+
+## bearer.yml
+
+- [bearer.yml]
+- Used by [bearer.yaml]
+- [bearer]
+  - [bearer repository]
+  - [bearer configuration]
+
+## zizmor.yaml
+
+- [zizmor.yaml]
+
+[.checkov.yaml]: .checkov.yaml
+[.jscpd.json]: .jscpd.json
+[.yaml-lint.yml]: .yaml-lint.yml
+[bearer configuration]: https://docs.bearer.com/reference/config/
+[bearer repository]: https://github.com/Bearer/bearer/tree/main
+[bearer.yaml]: ../workflows/README.md#beareryaml
+[bearer.yml]: bearer.yml
+[bearer]: https://docs.bearer.com/
+[checkov configuration]: https://www.checkov.io/2.Basics/CLI%20Command%20Reference.html
+[checkov]: https://www.checkov.io/
+[jscpd configuration]: https://github.com/kucherenko/jscpd/tree/master/apps/jscpd#options
+[jscpd]: https://github.com/kucherenko/jscpd
+[lint-workflows.yaml]: ../workflows/README.md#lint-workflowsyaml
+[yaml-lint configuration]: https://yamllint.readthedocs.io/en/stable/configuration.html
+[yaml-lint]: https://github.com/adrienverge/yamllint
+[zizmor.yaml]: zizmor.yaml

.github/linters/.jscpd.json

@@ -0,0 +1,2 @@
+rule:
+  skip-rule: []

.github/linters/README.md

@@ -0,0 +1,217 @@
+# Workflows
+
+## add-labels-standardized.yaml
+
+When issues are opened,
+this action adds appropriate labels to the issue.
+(e.g. "triage", "customer-submission")
+
+- [Add Labels Standardized GitHub Action]
+  - Uses: [senzing-factory/build-resources/.../add-labels-to-issue.yaml]
+
+## add-to-project-garage-dependabot.yaml
+
+When a Dependabot Pull Request (PR) is made against `main` branch,
+this action adds the PR to the "Garage" project board as "In Progress".
+
+- [Add to Project Garage Dependabot GitHub Action]
+  - Uses: [senzing-factory/build-resources/.../add-to-project-dependabot.yaml]
+
+## add-to-project-garage.yaml
+
+When an issue is created,
+this action adds the issue to the "Garage" board as "Backlog".
+
+- [Add to Project Garage GitHub Action]
+  - Uses: [senzing-factory/build-resources/.../add-to-project.yaml]
+
+## bandit.yaml
+
+When a Pull Request (PR) is made against `main` branch,
+this action runs [Bandit] to detect security issues.
+
+- [bandit.yaml]
+  - Uses: [lukehinds/bandit-action]
+
+## black.yaml
+
+When a change is committed to GitHub or a Pull Request is made against the `main` branch,
+this action runs the [Black] code formatter.
+
+- [black.yaml]
+
+## dependabot-approve-and-merge.yaml
+
+When a Dependabot Pull Request (PR) is made against the `main` branch,
+this action determines if it should be automatically approved and merged into the `main` branch.
+Once this action occurs [move-pr-to-done-dependabot.yaml] moves the PR on the "Garage" project board to "Done".
+
+- [Dependabot Approve and Merge GitHub Action]
+  - Uses: [senzing-factory/build-resources/.../dependabot-approve-and-merge.yaml]
+
+## dependency-scan.yaml
+
+When a Pull Request is made against the `main` branch,
+this action runs [Fast Python Vulnerability Scanner] and [pip-audit].
+
+- [dependency-scan.yaml]
+  - Uses:
+    - [Fast Python Vulnerability Scanner]
+    - [pypa/gh-action-pip-audit]
+
+## docker-build-container.yaml
+
+When a Pull Request is made against the `main` branch,
+this action verifies that the `Dockerfile` can be successfully built.
+
+_Note:_ The Docker image is **not** pushed to [DockerHub].
+
+- [Docker Build Container GitHub Action]
+  - Uses: [senzing-factory/github-action-docker-buildx-build]
+
+## docker-push-containers-to-dockerhub.yaml
+
+After a [Semantic Version] release is created,
+this action builds Docker images on multiple architectures and pushes the Docker images to [DockerHub].
+
+- [Docker Push Containers to DockerHub GitHub Action]
+  - Uses: [senzing-factory/github-action-docker-buildx-build]
+
+## flake8.yaml
+
+When a change is committed to GitHub or a Pull Request is made against the `main` branch,
+this action runs [flake8] for Python style enforcement.
+
+- [flake8.yaml]
+  - Uses: [py-actions/flake8]
+
+## isort.yaml
+
+When a change is committed to GitHub or a Pull Request is made against the `main` branch,
+this action runs [isort] to sort the Python import statements
+
+- [isort.yaml]
+  - Uses: [isort/isort-action]
+
+## lint-workflows.yaml
+
+When a change is committed to GitHub or a Pull Request is made against the `main` branch,
+this action runs [super-linter] to run multiple linters against the code.
+
+- [Lint Workflows GitHub Action]
+  - Configuration:
+    - [.checkov.yaml]
+    - [.jscpd.json]
+    - [.yaml-lint.yml]
+  - Uses: [senzing-factory/build-resources/.../lint-workflows.yaml]
+
+## move-pr-to-done-dependabot.yaml
+
+When a Pull Request is merged into the `main` branch,
+this action moves the PR on the "Garage" project board to "Done".
+
+- [Move PR to Done Dependabot GitHub Action]
+  - Uses: [senzing-factory/build-resources/.../move-pr-to-done-dependabot.yaml]
+
+## mypy.yaml
+
+When a change is committed to GitHub or a Pull Request is made against the `main` branch,
+this action runs [mypy] to perform static type checking.
+
+- [mypy.yaml]
+
+## pylint.yaml
+
+When a change is committed to GitHub,
+this action runs [pylint] to perform static code analysis.
+
+- [pylint.yaml]
+
+## pytest-darwin.yaml
+
+When a Pull Request is merged into the `main` branch,
+this action runs [pytest] on the Darwin/macOS platform to perform unit tests and code coverage.
+
+- [pytest-darwin.yaml]
+  - Uses:
+    - [actions/checkout]
+    - [actions/setup-python]
+    - [senzing-factory/github-action-install-senzing-sdk]
+    - [pytest]
+    - [actions/upload-artifact]
+
+## pytest-linux.yaml
+
+When a change is committed to GitHub or a Pull Request is made against the `main` branch,
+this action runs [pytest] on the Linux platform to perform unit tests and code coverage.
+
+- [pytest-linux.yaml]
+  - Uses:
+    - [actions/checkout]
+    - [actions/setup-python]
+    - [senzing-factory/github-action-install-senzing-sdk]
+    - [pytest]
+    - [actions/upload-artifact]
+
+## pytest-windows.yaml
+
+When a Pull Request is merged into the `main` branch,
+this action runs [pytest] on the Windows platform to perform unit tests and code coverage.
+
+- [pytest-windows.yaml]
+  - Uses:
+    - [actions/checkout]
+    - [actions/setup-python]
+    - [senzing-factory/github-action-install-senzing-sdk]
+    - [pytest]
+    - [actions/upload-artifact]
+
+[.checkov.yaml]: ../linters/README.md#checkovyaml
+[.jscpd.json]: ../linters/README.md#jscpdjson
+[.yaml-lint.yml]: ../linters/README.md#yaml-lintyml
+[actions/checkout]: https://github.com/actions/checkout
+[actions/setup-python]: https://github.com/actions/setup-python
+[actions/upload-artifact]: https://github.com/actions/upload-artifact
+[Add Labels Standardized GitHub Action]: add-labels-standardized.yaml
+[Add to Project Garage Dependabot GitHub Action]: add-to-project-garage-dependabot.yaml
+[Add to Project Garage GitHub Action]: add-to-project-garage.yaml
+[bandit.yaml]: bandit.yaml
+[Bandit]: https://bandit.readthedocs.io/en/latest/
+[black.yaml]: black.yaml
+[Black]: https://github.com/psf/black
+[Dependabot Approve and Merge GitHub Action]: dependabot-approve-and-merge.yaml
+[dependency-scan.yaml]: dependency-scan.yaml
+[Docker Build Container GitHub Action]: docker-build-container.yaml
+[Docker Push Containers to DockerHub GitHub Action]: docker-push-containers-to-dockerhub.yaml
+[DockerHub]: https://hub.docker.com/
+[Fast Python Vulnerability Scanner]: https://github.com/vanschelven/fpvs/
+[flake8.yaml]: flake8.yaml
+[flake8]: https://flake8.pycqa.org/en/latest/
+[isort.yaml]: isort.yaml
+[isort]: https://pycqa.github.io/isort/
+[isort/isort-action]: https://github.com/isort/isort-action
+[Lint Workflows GitHub Action]: lint-workflows.yaml
+[lukehinds/bandit-action]: https://github.com/lukehinds/bandit-action
+[Move PR to Done Dependabot GitHub Action]: move-pr-to-done-dependabot.yaml
+[move-pr-to-done-dependabot.yaml]: move-pr-to-done-dependabotyaml
+[mypy.yaml]: mypy.yaml
+[mypy]: https://mypy-lang.org/
+[pip-audit]: https://github.com/pypa/pip-audit
+[py-actions/flake8]: https://github.com/py-actions/flake8
+[pylint.yaml]: pylint.yaml
+[pylint]: https://pypi.org/project/pylint/
+[pypa/gh-action-pip-audit]: https://github.com/pypa/gh-action-pip-audit
+[pytest-darwin.yaml]: pytest-darwin.yaml
+[pytest-linux.yaml]: pytest-linux.yaml
+[pytest-windows.yaml]: pytest-windows.yaml
+[pytest]: https://docs.pytest.org/en/stable/
+[Semantic Version]: https://semver.org/
+[senzing-factory/build-resources/.../add-labels-to-issue.yaml]: https://github.com/senzing-factory/build-resources/blob/main/.github/workflows/add-labels-to-issue.yaml
+[senzing-factory/build-resources/.../add-to-project-dependabot.yaml]: https://github.com/senzing-factory/build-resources/blob/main/.github/workflows/add-to-project-dependabot.yaml
+[senzing-factory/build-resources/.../add-to-project.yaml]: https://github.com/senzing-factory/build-resources/blob/main/.github/workflows/add-to-project.yaml
+[senzing-factory/build-resources/.../dependabot-approve-and-merge.yaml]: https://github.com/senzing-factory/build-resources/blob/main/.github/workflows/dependabot-approve-and-merge.yaml
+[senzing-factory/build-resources/.../lint-workflows.yaml]: https://github.com/senzing-factory/build-resources/blob/main/.github/workflows/lint-workflows.yaml
+[senzing-factory/build-resources/.../move-pr-to-done-dependabot.yaml]: https://github.com/senzing-factory/build-resources/blob/main/.github/workflows/move-pr-to-done-dependabot.yaml
+[senzing-factory/github-action-docker-buildx-build]: https://github.com/senzing-factory/github-action-docker-buildx-build
+[senzing-factory/github-action-install-senzing-sdk]: https://github.com/senzing-factory/github-action-install-senzing-sdk
+[super-linter]: https://github.com/super-linter/super-linter