Skip to content

Stable API facade, failure bundles, tag-based releases, and full docs refresh#455

Open
JE-Chen wants to merge 5 commits into
devfrom
docs/actions-menu-docs-refresh
Open

Stable API facade, failure bundles, tag-based releases, and full docs refresh#455
JE-Chen wants to merge 5 commits into
devfrom
docs/actions-menu-docs-refresh

Conversation

@JE-Chen

@JE-Chen JE-Chen commented Jul 3, 2026

Copy link
Copy Markdown
Member

Summary

  • Stable je_auto_control.api facade — small, lazy, typed entry point for new integrations (execute_action, execute_action_with_vars, generate_code, run_diagnostics, failure bundles), governed by a written lifecycle policy (docs/API_LIFECYCLE.md) with utils/deprecation.deprecated for consistent deprecation metadata.
  • Failure bundles — atomic, redacted autocontrol.failure-bundle/v1 diagnostic ZIPs (create_failure_bundle / failure_bundle_on_error, CLI failure-bundle); best-effort collectors record their own failures instead of losing the bundle; codegen --failure-bundle wraps generated pytest in automatic diagnostics; secret redactor now masks explicit key=value / bearer-token syntax regardless of entropy.
  • Release engineering — publishing moves from push-to-main to immutable v* tags with version-tag verification, wheel smoke test, build-provenance attestation, and PyPI Trusted Publishing (release.yml); quality.yml adds dependency review, a coverage floor (fail-under 35), and a mypy gate on the stable API; new platform-smoke matrix (Windows/Ubuntu/macOS × 3.10/3.14).
  • Docs refresh — new SECURITY.md, CHANGELOG.md, docs/API_LIFECYCLE.md, docs/CAPABILITY_MATRIX.md; v223 Actions-menu feature doc (EN/Zh); Sphinx indexes catch up on v182–v223; READMEs ×3 and WHATS_NEW ×3 synced; Actions-menu tab contract recorded in CLAUDE.md.

Test plan

  • Full headless suite: 3990 passed, 16 skipped
  • mypy je_auto_control/api je_auto_control/utils/failure_bundle clean (with follow_imports=silent so only the stable surface is enforced)
  • ruff / bandit / radon clean on new and changed modules
  • Qt-free import invariant verified; CLI failure-bundle smoke test produces a redacted archive
  • All v182–v223 rst files exist in both languages

JE-Chen added 3 commits July 3, 2026 15:28
New integrations get a small, lazy, typed entry point instead of the
eager historical top-level surface. Failed runs produce one atomic,
redacted autocontrol.failure-bundle/v1 ZIP (manifest, context, events,
log tail, optional screenshot/diagnostics) with best-effort collectors
so a broken screen grab cannot lose the bundle. codegen --failure-bundle
wraps generated pytest in automatic diagnostics; the secret redactor now
masks explicit key=value and bearer-token syntax regardless of entropy.
Publishing on every push to main made releases unauditable. Releases now
require a v* tag whose version must match pyproject, build provenance is
attested, and PyPI uses Trusted Publishing. quality.yml gains dependency
review, a coverage floor, and a mypy gate on the stable API surface; a
platform-smoke matrix exercises the stable API on all three OSes.
…exes

The docs lagged the code: Sphinx indexes stopped at v181 while v182-v223
existed, the Actions-menu redesign was undocumented outside WHATS_NEW,
and the project had no security policy, changelog, API lifecycle, or
honest platform-support statement. Adds all four, documents the menu-
driven GUI (v223 EN/Zh), syncs the three READMEs and WHATS_NEW files,
and records the Actions-menu tab contract in CLAUDE.md.
@codacy-production

codacy-production Bot commented Jul 3, 2026

Copy link
Copy Markdown

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 37 complexity · 0 duplication

Metric Results
Complexity 37
Duplication 0

View in Codacy

NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.

JE-Chen added 2 commits July 3, 2026 21:31
… mypy numpy, secret fixtures

- pytest-headless job lacked pytest-cov, so the --cov flags were unrecognized
- platform-smoke Linux runs need a virtual display (X11 connects at import)
- pin pypa/gh-action-pypi-publish to a full commit SHA (Sonar S7637 / Semgrep)
- skip numpy stubs under mypy (its type statements need 3.12+ to parse)
- assemble secret-shaped test values at runtime (Sonar S2068)
@sonarqubecloud

sonarqubecloud Bot commented Jul 3, 2026

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant