fromager/.coderabbit.yaml at main · python-wheel-build/fromager · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json
# CodeRabbit Configuration for python-wheel-build/fromager

language: "en-US"
early_access: false
inheritance: true

tone_instructions: >-
  Be direct and concise. Provide code suggestions when flagging issues.
  Skip comments already handled by ruff, mypy, or pre-commit. Only comment
  on specific bugs, security issues, or measurable improvements.

reviews:
  profile: chill

  request_changes_workflow: false

  high_level_summary: false
  high_level_summary_in_walkthrough: true
  poem: false
  review_status: true
  collapse_walkthrough: true
  sequence_diagrams: false
  changed_files_summary: false
  suggested_labels: false
  suggested_reviewers: false
  related_issues: false
  related_prs: false

  commit_status: true
  fail_commit_status: false

  finishing_touches:
    docstrings:
      enabled: false
    unit_tests:
      enabled: false

  pre_merge_checks:
    description:
      mode: warning
    docstrings:
      mode: off

  tools:
    # Disable tools that fromager already runs via hatch/pre-commit
    ruff:
      enabled: false
    flake8:
      enabled: false
    pylint:
      enabled: false
    markdownlint:
      enabled: false

    # Not applicable (no JS/TS/Go in fromager)
    biome:
      enabled: false
    eslint:
      enabled: false
    golangci-lint:
      enabled: false

    # Enable security scanning tools
    gitleaks:
      enabled: true
    semgrep:
      enabled: true
    shellcheck:
      enabled: true
    yamllint:
      enabled: true
    actionlint:
      enabled: true
    checkov:
      enabled: true

  path_instructions:
    - path: "**"
      instructions: >-
        Focus on major issues impacting performance, readability,
        maintainability and security. Avoid nitpicks and verbosity.

    - path: "tests/**"
      instructions: >-
        Verify test actually tests the intended behavior. Check for missing
        edge cases. Flag overly brittle mocks. Skip all style comments —
        ruff handles that.

    - path: "e2e/**/*.sh"
      instructions: >-
        Check for proper cleanup and teardown (trap handlers). Look for race
        conditions in server startup/shutdown. Ensure set -euo pipefail is
        used. Verify variables are quoted to prevent word splitting.

    - path: ".github/workflows/**"
      instructions: >-
        Check that actions are pinned by SHA, not tag (supply chain security).
        No secret interpolation in run: blocks. Least-privilege permissions
        per job.

    - path: "**/*.md"
      instructions: >-
        Only comment on factual errors or broken links. Skip all formatting
        and style suggestions.

  path_filters:
    - "!**/*.pyc"
    - "!**/__pycache__/**"
    - "!.venv/**"
    - "!venv/**"
    - "!htmlcov/**"
    - "!.pytest_cache/**"
    - "!.ruff_cache/**"
    - "!*.egg-info/**"
    - "!build/**"
    - "!dist/**"
    - "!.mypy_cache/**"
    - "!*.log"
    - "!*.tmp"

  auto_review:
    enabled: true
    drafts: false
    ignore_title_keywords:
      - "WIP"
      - "DO NOT MERGE"
    labels:
      - "!work-in-progress"

knowledge_base:
  learnings:
    scope: local
  issues:
    scope: local