Stable API facade, failure bundles, tag-based releases, and full docs refresh#455
Open
JE-Chen wants to merge 5 commits into
Open
Stable API facade, failure bundles, tag-based releases, and full docs refresh#455JE-Chen wants to merge 5 commits into
JE-Chen wants to merge 5 commits into
Conversation
New integrations get a small, lazy, typed entry point instead of the eager historical top-level surface. Failed runs produce one atomic, redacted autocontrol.failure-bundle/v1 ZIP (manifest, context, events, log tail, optional screenshot/diagnostics) with best-effort collectors so a broken screen grab cannot lose the bundle. codegen --failure-bundle wraps generated pytest in automatic diagnostics; the secret redactor now masks explicit key=value and bearer-token syntax regardless of entropy.
Publishing on every push to main made releases unauditable. Releases now require a v* tag whose version must match pyproject, build provenance is attested, and PyPI uses Trusted Publishing. quality.yml gains dependency review, a coverage floor, and a mypy gate on the stable API surface; a platform-smoke matrix exercises the stable API on all three OSes.
…exes The docs lagged the code: Sphinx indexes stopped at v181 while v182-v223 existed, the Actions-menu redesign was undocumented outside WHATS_NEW, and the project had no security policy, changelog, API lifecycle, or honest platform-support statement. Adds all four, documents the menu- driven GUI (v223 EN/Zh), syncs the three READMEs and WHATS_NEW files, and records the Actions-menu tab contract in CLAUDE.md.
Up to standards ✅🟢 Issues
|
| Metric | Results |
|---|---|
| Complexity | 37 |
| Duplication | 0 |
NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.
… mypy numpy, secret fixtures - pytest-headless job lacked pytest-cov, so the --cov flags were unrecognized - platform-smoke Linux runs need a virtual display (X11 connects at import) - pin pypa/gh-action-pypi-publish to a full commit SHA (Sonar S7637 / Semgrep) - skip numpy stubs under mypy (its type statements need 3.12+ to parse) - assemble secret-shaped test values at runtime (Sonar S2068)
…k the typing gate
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.



Summary
je_auto_control.apifacade — small, lazy, typed entry point for new integrations (execute_action,execute_action_with_vars,generate_code,run_diagnostics, failure bundles), governed by a written lifecycle policy (docs/API_LIFECYCLE.md) withutils/deprecation.deprecatedfor consistent deprecation metadata.autocontrol.failure-bundle/v1diagnostic ZIPs (create_failure_bundle/failure_bundle_on_error, CLIfailure-bundle); best-effort collectors record their own failures instead of losing the bundle;codegen --failure-bundlewraps generated pytest in automatic diagnostics; secret redactor now masks explicitkey=value/ bearer-token syntax regardless of entropy.v*tags with version-tag verification, wheel smoke test, build-provenance attestation, and PyPI Trusted Publishing (release.yml);quality.ymladds dependency review, a coverage floor (fail-under 35), and a mypy gate on the stable API; new platform-smoke matrix (Windows/Ubuntu/macOS × 3.10/3.14).SECURITY.md,CHANGELOG.md,docs/API_LIFECYCLE.md,docs/CAPABILITY_MATRIX.md; v223 Actions-menu feature doc (EN/Zh); Sphinx indexes catch up on v182–v223; READMEs ×3 and WHATS_NEW ×3 synced; Actions-menu tab contract recorded in CLAUDE.md.Test plan
mypy je_auto_control/api je_auto_control/utils/failure_bundleclean (withfollow_imports=silentso only the stable surface is enforced)failure-bundlesmoke test produces a redacted archive