feat: Add comprehensive developer tools integration

- Add Codecov configuration for code coverage reporting
- Set up Snyk and other security scanning workflows (pip-audit, safety)
- Configure comprehensive pre-commit hooks with multiple linters and formatters
- Set up Read the Docs configuration with Sphinx documentation
- Add documentation dependencies and initial docs structure
- Update badges in README for documentation status

These integrations provide:
- Automated code quality checks
- Security vulnerability scanning
- Documentation hosting
- Code coverage tracking

Author: Vijay Iyengar

.github/workflows/security-scan.yml

@@ -0,0 +1,99 @@
+name: Security Scan
+
+on:
+  push:
+    branches: [ main, develop ]
+  pull_request:
+    branches: [ main, develop ]
+  schedule:
+    - cron: '0 0 * * 1'  # Weekly on Monday
+
+jobs:
+  snyk:
+    name: Snyk Security Scan
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.10'
+      
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/python@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          args: --severity-threshold=high --file=pyproject.toml
+        continue-on-error: true  # Don't fail the build on vulnerabilities initially
+      
+      - name: Upload Snyk results to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v3
+        if: always()
+        with:
+          sarif_file: snyk.sarif
+        continue-on-error: true
+  
+  pip-audit:
+    name: Pip Audit
+    runs-on: ubuntu-latest
+    env:
+      UV_SYSTEM_PYTHON: 1
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Install uv
+        uses: astral-sh/setup-uv@v6
+        with:
+          enable-cache: true
+      
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.10'
+      
+      - name: Install dependencies
+        run: |
+          uv pip install -e .
+          uv pip install pip-audit
+      
+      - name: Run pip-audit
+        run: |
+          pip-audit --desc --fix --dry-run
+        continue-on-error: true
+  
+  safety:
+    name: Safety Check
+    runs-on: ubuntu-latest
+    env:
+      UV_SYSTEM_PYTHON: 1
+    steps:
+      - uses: actions/checkout@v4
+      
+      - name: Install uv
+        uses: astral-sh/setup-uv@v6
+        with:
+          enable-cache: true
+      
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.10'
+      
+      - name: Install dependencies
+        run: |
+          uv pip install -e .
+          uv pip install safety
+      
+      - name: Run Safety check
+        run: |
+          safety check --json --output safety-report.json
+        continue-on-error: true
+      
+      - name: Upload Safety report
+        uses: actions/upload-artifact@v4
+        if: always()
+        with:
+          name: safety-report
+          path: safety-report.json

.pre-commit-config.yaml

@@ -1,53 +1,119 @@
+# Pre-commit hooks for code quality
+# See https://pre-commit.com for more information
+
+default_language_version:
+  python: python3.10
+
 repos:
+  # General file checks
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.5.0
+    rev: v4.6.0
     hooks:
       - id: trailing-whitespace
       - id: end-of-file-fixer
       - id: check-yaml
+        args: ['--allow-multiple-documents']
       - id: check-added-large-files
+        args: ['--maxkb=1000']
+      - id: check-case-conflict
+      - id: check-merge-conflict
       - id: check-json
       - id: check-toml
-      - id: check-merge-conflict
+      - id: check-xml
       - id: debug-statements
+      - id: detect-private-key
       - id: mixed-line-ending
         args: ['--fix=lf']
+      - id: name-tests-test
+        args: ['--pytest-test-first']
 
+  # Python code formatting with Ruff
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.1.9
+    rev: v0.8.6
     hooks:
+      # Run the linter
       - id: ruff
         args: [--fix]
+      # Run the formatter
       - id: ruff-format
 
+  # Additional Python formatting with Black
   - repo: https://github.com/psf/black
-    rev: 23.12.1
+    rev: 24.11.0
     hooks:
       - id: black
         language_version: python3.10
 
-  - repo: https://github.com/pycqa/isort
+  # Import sorting with isort
+  - repo: https://github.com/PyCQA/isort
     rev: 5.13.2
     hooks:
       - id: isort
         args: ["--profile", "black"]
 
+  # Type checking with mypy
   - repo: https://github.com/pre-commit/mirrors-mypy
-    rev: v1.8.0
+    rev: v1.14.1
     hooks:
       - id: mypy
-        additional_dependencies: [types-all]
-        args: [--ignore-missing-imports]
+        args: [--ignore-missing-imports, --no-strict-optional]
+        additional_dependencies: [types-requests, types-PyYAML]
+        files: ^src/
 
-  - repo: https://github.com/pycqa/bandit
-    rev: 1.7.6
+  # Security checks with bandit
+  - repo: https://github.com/PyCQA/bandit
+    rev: 1.8.0
     hooks:
       - id: bandit
         args: ['-r', 'src/', '-ll']
-        files: .py$
+        files: ^src/
+
+  # Markdown formatting
+  - repo: https://github.com/igorshubovych/markdownlint-cli
+    rev: v0.43.0
+    hooks:
+      - id: markdownlint
+        args: ['--fix', '--disable', 'MD013', 'MD033']
+
+  # YAML formatting
+  - repo: https://github.com/adrienverge/yamllint
+    rev: v1.35.1
+    hooks:
+      - id: yamllint
+        args: [-d, "{extends: default, rules: {line-length: {max: 120}, truthy: disable}}"]
 
+  # Check for secrets
+  - repo: https://github.com/Yelp/detect-secrets
+    rev: v1.5.0
+    hooks:
+      - id: detect-secrets
+        args: ['--baseline', '.secrets.baseline']
+        exclude: .*\.lock$|package-lock\.json$
+
+  # Python docstring coverage
+  - repo: https://github.com/econchick/interrogate
+    rev: 1.7.0
+    hooks:
+      - id: interrogate
+        args: [--verbose, --fail-under=50, src/]
+        pass_filenames: false
+
+  # Python dependency checks
   - repo: https://github.com/Lucas-C/pre-commit-hooks-safety
     rev: v1.3.3
     hooks:
       - id: python-safety-dependencies-check
-        files: pyproject.toml
+        files: pyproject.toml
+
+  # Commit message linting
+  - repo: https://github.com/commitizen-tools/commitizen
+    rev: v4.1.0
+    hooks:
+      - id: commitizen
+        stages: [commit-msg]
+
+# CI-specific settings
+ci:
+  autofix_prs: true
+  autoupdate_schedule: weekly
+  autoupdate_commit_msg: 'chore: auto-update pre-commit hooks'

.readthedocs.yaml

@@ -0,0 +1,39 @@
+# Read the Docs configuration file
+# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details
+
+# Required
+version: 2
+
+# Set the OS, Python version and other tools you might need
+build:
+  os: ubuntu-22.04
+  tools:
+    python: "3.10"
+  
+  # You can also specify other tool versions:
+  # nodejs: "20"
+  # rust: "1.70"
+  # golang: "1.20"
+
+# Build documentation in the "docs/" directory with Sphinx
+sphinx:
+  configuration: docs/conf.py
+  builder: html
+  fail_on_warning: false
+
+# Optionally build your docs in additional formats such as PDF and ePub
+formats:
+  - pdf
+  - epub
+  - htmlzip
+
+# Optional but recommended, declare the Python requirements required
+# to build your documentation
+# See https://docs.readthedocs.io/en/stable/guides/reproducible-builds.html
+python:
+  install:
+    - method: pip
+      path: .
+      extra_requirements:
+        - docs
+    - requirements: docs/requirements.txt

.secrets.baseline

@@ -0,0 +1,12 @@
+# Snyk (https://snyk.io) policy file
+version: v1.25.0
+
+# Ignore specific vulnerabilities
+ignore: {}
+
+# Patches to apply
+patch: {}
+
+# Language settings
+language-settings:
+  python: '3.10'

.snyk

@@ -2,6 +2,7 @@
 
 [![CI](https://github.com/Vijay-Duke/mcp-gitlab/actions/workflows/ci.yml/badge.svg)](https://github.com/Vijay-Duke/mcp-gitlab/actions/workflows/ci.yml)
 [![codecov](https://codecov.io/gh/Vijay-Duke/mcp-gitlab/branch/main/graph/badge.svg)](https://codecov.io/gh/Vijay-Duke/mcp-gitlab)
+[![Documentation Status](https://readthedocs.org/projects/mcp-gitlab/badge/?version=latest)](https://mcp-gitlab.readthedocs.io/en/latest/?badge=latest)
 [![Python Version](https://img.shields.io/badge/python-3.10%2B-blue)](https://www.python.org/downloads/)
 [![License](https://img.shields.io/badge/license-Apache%202.0-green)](https://opensource.org/licenses/Apache-2.0)
 [![MCP](https://img.shields.io/badge/MCP-Compatible-purple)](https://github.com/anthropics/mcp)

README.md

@@ -0,0 +1,65 @@
+# Codecov configuration for mcp-gitlab
+# https://docs.codecov.io/docs/codecov-yaml
+
+codecov:
+  require_ci_to_pass: true
+  notify:
+    wait_for_ci: true
+
+coverage:
+  precision: 2
+  round: down
+  range: "70...100"
+  
+  status:
+    project:
+      default:
+        target: 80%
+        threshold: 1%
+        paths:
+          - "src/"
+        if_not_found: success
+        informational: false
+        only_pulls: false
+    
+    patch:
+      default:
+        target: 80%
+        threshold: 1%
+        base: auto
+        if_not_found: success
+        informational: false
+        only_pulls: false
+
+parsers:
+  gcov:
+    branch_detection:
+      conditional: true
+      loop: true
+      method: false
+      macro: false
+
+comment:
+  layout: "reach,diff,flags,files,footer"
+  behavior: default
+  require_changes: false
+  require_base: false
+  require_head: true
+  hide_project_coverage: false
+
+ignore:
+  - "tests/**/*"
+  - "**/__pycache__/**/*"
+  - "setup.py"
+  - "**/test_*.py"
+  - "**/*_test.py"
+  - "docs/**/*"
+  - "examples/**/*"
+  - ".github/**/*"
+
+flags:
+  unittests:
+    paths:
+      - src/
+    carryforward: false
+    target: 80%