From f6b85b20cb06b7b29539c5ce8c821005f04be719 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Mon, 30 Mar 2026 19:44:56 +0000 Subject: [PATCH 1/8] more agents --- AGENTS.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/AGENTS.md b/AGENTS.md index 6c9e9f64..aeb70e97 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -23,7 +23,6 @@ This project is a Copier template used to generate other copier templates. It is - Avoid magic values in comparisons in tests in all languages (like ruff rule PLR2004 specifies) - Prefer using random values in tests rather than arbitrary ones (e.g. the faker library, uuids, random.randint) when possible. For enums, pick randomly rather than hardcoding one value. - Avoid loops in tests — assert each item explicitly so failures pinpoint the exact element. When verifying a condition across all items in a collection, collect the violations into a list and assert it's empty (e.g., assert [x for x in items if bad_condition(x)] == []). -- Key `data-testid` selectors off unique IDs (e.g. UUIDs), not human-readable names which may collide or change. ### Python Testing @@ -37,6 +36,12 @@ This project is a Copier template used to generate other copier templates. It is - **Never hand-edit syrupy snapshot files.** Snapshots are auto-generated — to create or update them, run `uv run pytest --snapshot-update --no-cov`. A missing snapshot causes the test to fail, which is expected until you run with `--snapshot-update`. When a snapshot mismatch occurs, fix the code if the change was unintentional; run `--snapshot-update` if it was intentional. - **Never hand-write or hand-edit pytest-reserial `.jsonl` recording files.** Recordings must be captured from real serial port traffic by running the test with `--record` while the device is connected: `uv run pytest --record --no-cov`. The default mode replays recordings — a missing recording causes an error, which is expected until recorded against a live device. +### Frontend Testing + +- Key `data-testid` selectors off unique IDs (e.g. UUIDs), not human-readable names which may collide or change. +- In DOM-based tests, scope queries to the tightest relevant container. Only query `document` or `document.body` directly to find the top-level portal/popup element (e.g. a Reka UI dialog via `[role="dialog" +][data-state="open"]`); all further queries should run on that element, not on `document.body` again. + # Agent Implementations & Configurations ## Memory and Rules From 04f2c449a8cde45ac571550e5c5574059e82e52b Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Mon, 30 Mar 2026 20:17:51 +0000 Subject: [PATCH 2/8] skip --- template/.github/actions/install_deps/action.yml.jinja-base | 2 +- template/template/.github/workflows/ci.yaml.jinja | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/template/.github/actions/install_deps/action.yml.jinja-base b/template/.github/actions/install_deps/action.yml.jinja-base index c21e92b7..3ca2d720 100644 --- a/template/.github/actions/install_deps/action.yml.jinja-base +++ b/template/.github/actions/install_deps/action.yml.jinja-base @@ -47,7 +47,7 @@ inputs: skip-installing-pulumi-cli: type: boolean description: Whether to skip installing the Pulumi CLI even if the lock file references it - default: true + default: false required: false diff --git a/template/template/.github/workflows/ci.yaml.jinja b/template/template/.github/workflows/ci.yaml.jinja index a1e70a54..f54457b9 100644 --- a/template/template/.github/workflows/ci.yaml.jinja +++ b/template/template/.github/workflows/ci.yaml.jinja @@ -17,6 +17,8 @@ permissions: jobs: get-values: uses: ./.github/workflows/get-values.yaml + permissions: + contents: write # needed for updating dependabot branches check-skip-duplicate: runs-on: {% endraw %}{{ gha_linux_runner }}{% raw %} From 542eabe90ab65c5154be60db8665ef4895efd746 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Mon, 30 Mar 2026 20:20:43 +0000 Subject: [PATCH 3/8] More context --- extensions/context.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/extensions/context.py b/extensions/context.py index 4d03a034..86add4b7 100644 --- a/extensions/context.py +++ b/extensions/context.py @@ -26,12 +26,12 @@ def hook(self, context: dict[Any, Any]) -> dict[Any, Any]: context["ty_version"] = ">=0.0.23" ####### context["sphinx_version"] = "9.0.4" - context["pulumi_version"] = ">=3.226.0" + context["pulumi_version"] = ">=3.228.0" context["pulumi_aws_version"] = ">=7.23.0" - context["pulumi_aws_native_version"] = ">=1.57.0" + context["pulumi_aws_native_version"] = ">=1.59.0" context["pulumi_command_version"] = ">=1.2.1" context["pulumi_github_version"] = ">=6.12.1" - context["pulumi_okta_version"] = ">=6.2.3" + context["pulumi_okta_version"] = ">=6.4.0" context["boto3_version"] = ">=1.42.53" context["ephemeral_pulumi_deploy_version"] = ">=0.0.6" context["pydantic_version"] = ">=2.12.5" From bcef210a881ca5e0657880c69dd21ec15510fda9 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Mon, 30 Mar 2026 20:22:02 +0000 Subject: [PATCH 4/8] agents --- AGENTS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/AGENTS.md b/AGENTS.md index aeb70e97..8c78321e 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -23,6 +23,7 @@ This project is a Copier template used to generate other copier templates. It is - Avoid magic values in comparisons in tests in all languages (like ruff rule PLR2004 specifies) - Prefer using random values in tests rather than arbitrary ones (e.g. the faker library, uuids, random.randint) when possible. For enums, pick randomly rather than hardcoding one value. - Avoid loops in tests — assert each item explicitly so failures pinpoint the exact element. When verifying a condition across all items in a collection, collect the violations into a list and assert it's empty (e.g., assert [x for x in items if bad_condition(x)] == []). +- When asserting a mock or spy was called with specific arguments, always constrain as tightly as possible. In order of preference: (1) assert called exactly once with those args (`assert_called_once_with` in Python, `toHaveBeenCalledExactlyOnceWith` in Vitest/Jest); (2) if multiple calls are expected, assert the total call count and use a positional or last-call assertion (`nthCalledWith`, `lastCalledWith` / `assert_has_calls` with `call_args_list[n]`); (3) plain "called with at any point" (`toHaveBeenCalledWith`, `assert_called_with`) is a last resort only when neither the call count nor the call order can reasonably be constrained. ### Python Testing From 388afe08a57fdb82dcef7addb28e5c3e312cec8d Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Mon, 30 Mar 2026 20:24:55 +0000 Subject: [PATCH 5/8] read --- template/.github/workflows/ci.yaml.jinja-base | 1 + 1 file changed, 1 insertion(+) diff --git a/template/.github/workflows/ci.yaml.jinja-base b/template/.github/workflows/ci.yaml.jinja-base index 673af8db..fe5421a1 100644 --- a/template/.github/workflows/ci.yaml.jinja-base +++ b/template/.github/workflows/ci.yaml.jinja-base @@ -13,6 +13,7 @@ env: permissions: id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) + contents: read # need to explicitly provide this whenever defining permissions because the default value is 'none' for anything not explicitly set when permissions are defined jobs: get-values: From 4350dd656ed8307fa5cc89c3b3c70cd13a44cd60 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Mon, 30 Mar 2026 20:27:10 +0000 Subject: [PATCH 6/8] More read --- template/template/.github/workflows/ci.yaml.jinja | 1 + 1 file changed, 1 insertion(+) diff --git a/template/template/.github/workflows/ci.yaml.jinja b/template/template/.github/workflows/ci.yaml.jinja index f54457b9..4b65122a 100644 --- a/template/template/.github/workflows/ci.yaml.jinja +++ b/template/template/.github/workflows/ci.yaml.jinja @@ -13,6 +13,7 @@ env: permissions: id-token: write # needed to assume OIDC roles (e.g. for downloading from CodeArtifact) + contents: read # need to explicitly provide this whenever defining permissions because the default value is 'none' for anything not explicitly set when permissions are defined jobs: get-values: From 778c95e28cb74bdb43bd8726e9e0372e56fda678 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Mon, 30 Mar 2026 20:38:10 +0000 Subject: [PATCH 7/8] rabit --- .coderabbit.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.coderabbit.yaml b/.coderabbit.yaml index 1d2e81ac..372316ba 100644 --- a/.coderabbit.yaml +++ b/.coderabbit.yaml @@ -7,6 +7,8 @@ reviews: instructions: "These files came from a vendor and we're not allowed to change them. Refer to it if you need to understand how the main code interacts with it, but do not make comments about it." - path: "**/*.py" instructions: "Check the `ruff.toml` and `ruff-test.toml` for linting rules we've explicitly disabled and don't suggest changes to please conventions we've disabled. Do not express concerns about ruff rules; a pre-commit hook already runs a ruff check. Do not warn about unnecessary super().__init__() calls; pyright prefers those to be present. Do not warn about missing type hints; a pre-commit hook already checks for that." + - path: "**/.copier-answers.yml" + instructions: "Do not comment about the `_commit` value needing to be a clean release tag. A CI job will fail if that is not the case." tools: eslint: # when the code contains typescript, eslint will be run by pre-commit, and coderabbit often generates false positives enabled: false From 1f264ca6bf49f75cb7c1b7c0cdc427ce423863b1 Mon Sep 17 00:00:00 2001 From: Eli Fine Date: Mon, 30 Mar 2026 20:47:18 +0000 Subject: [PATCH 8/8] whitespace --- AGENTS.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/AGENTS.md b/AGENTS.md index 8c78321e..89ac5111 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -40,8 +40,7 @@ This project is a Copier template used to generate other copier templates. It is ### Frontend Testing - Key `data-testid` selectors off unique IDs (e.g. UUIDs), not human-readable names which may collide or change. -- In DOM-based tests, scope queries to the tightest relevant container. Only query `document` or `document.body` directly to find the top-level portal/popup element (e.g. a Reka UI dialog via `[role="dialog" -][data-state="open"]`); all further queries should run on that element, not on `document.body` again. +- In DOM-based tests, scope queries to the tightest relevant container. Only query `document` or `document.body` directly to find the top-level portal/popup element (e.g. a Reka UI dialog via `[role="dialog"][data-state="open"]`); all further queries should run on that element, not on `document.body` again. # Agent Implementations & Configurations