
Conversation

@acuanico-tr-galt (Collaborator)

No description provided.

@github-advanced-security

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@gurock gurock deleted a comment from github-actions bot Oct 27, 2025
@gurock gurock deleted a comment from github-actions bot Oct 27, 2025
@github-actions

🔒 Security Scan Results

📦 Dependency Vulnerabilities (pip-audit)
### Pip Audit Results

🛡️ Safety Check Results
### Safety Check Results

```text
+===========================================================================================================================================================================================+

DEPRECATED: this command (`check`) has been DEPRECATED, and will be unsupported beyond 01 June 2024.

We highly encourage switching to the new `scan` command which is easier to use, more powerful, and can be set up to mimic the deprecated command if required.

+===========================================================================================================================================================================================+

+==============================================================================+

                               /$$$$$$            /$$
                              /$$__  $$          | $$
           /$$$$$$$  /$$$$$$ | $$  \__//$$$$$$  /$$$$$$   /$$   /$$
          /$$_____/ |____  $$| $$$$   /$$__  $$|_  $$_/  | $$  | $$
         |  $$$$$$   /$$$$$$$| $$_/  | $$$$$$$$  | $$    | $$  | $$
          \____  $$ /$$__  $$| $$    | $$_____/  | $$ /$$| $$  | $$
          /$$$$$$$/|  $$$$$$$| $$    |  $$$$$$$  |  $$$$/|  $$$$$$$
         |_______/  \_______/|__/     \_______/   \___/   \____  $$
                                                          /$$  | $$
                                                         |  $$$$$$/
  by safetycli.com                                        \______/

+==============================================================================+

 ANNOUNCEMENTS

  * Warning: pytest, pytest-md-report, coverage, allure-pytest, pytest-
    freezegun, pytest-mock, requests-mock, pyyaml, junitparser, pyserde,
    requests, tqdm, humanfriendly, deepdiff and beartype are unpinned. Safety
    by default does not report on potential vulnerabilities in unpinned
    packages. It is recommended to pin your dependencies unless this is a
    library meant for distribution. To learn more about reporting these,
    specifier range handling, and options for scanning unpinned packages visit
    https://docs.pyup.io/docs/safety-range-specs

+==============================================================================+

 REPORT

  Safety v3.6.2 is scanning for Vulnerabilities...
  Scanning dependencies in your files:

  -> tests/requirements.txt

  Using open-source vulnerability database
  Found and scanned 16 packages
  Timestamp 2025-10-27 10:40:33
  0 vulnerabilities reported
  15 vulnerabilities ignored

+==============================================================================+
 VULNERABILITIES REPORTED
+==============================================================================+

-> Warning: 1 known vulnerability matches the deepdiff versions that could be
   installed from your specifier: deepdiff>=0 (unpinned). These vulnerabilities
   are not reported by default. To report these vulnerabilities set 'ignore-
   unpinned-requirements' to False under 'security' in your policy file. See
   https://docs.pyup.io/docs/safety-20-policy-file for more information.
   It is recommended to pin your dependencies unless this is a library meant
   for distribution. To learn more about reporting these, specifier range
   handling, and options for scanning unpinned packages visit
   https://docs.pyup.io/docs/safety-range-specs

-> Warning: 2 known vulnerabilities match the tqdm versions that could be
   installed from your specifier: tqdm>=0 (unpinned). These vulnerabilities are
   not reported by default. To report these vulnerabilities set 'ignore-
   unpinned-requirements' to False under 'security' in your policy file. See
   https://docs.pyup.io/docs/safety-20-policy-file for more information.
   It is recommended to pin your dependencies unless this is a library meant
   for distribution. To learn more about reporting these, specifier range
   handling, and options for scanning unpinned packages visit
   https://docs.pyup.io/docs/safety-range-specs

-> Warning: 8 known vulnerabilities match the requests versions that could be
   installed from your specifier: requests>=0 (unpinned). These vulnerabilities
   are not reported by default. To report these vulnerabilities set 'ignore-
   unpinned-requirements' to False under 'security' in your policy file. See
   https://docs.pyup.io/docs/safety-20-policy-file for more information.
   It is recommended to pin your dependencies unless this is a library meant
   for distribution. To learn more about reporting these, specifier range
   handling, and options for scanning unpinned packages visit
   https://docs.pyup.io/docs/safety-range-specs

-> Warning: 4 known vulnerabilities match the pyyaml versions that could be
   installed from your specifier: pyyaml>=0 (unpinned). These vulnerabilities
   are not reported by default. To report these vulnerabilities set 'ignore-
   unpinned-requirements' to False under 'security' in your policy file. See
   https://docs.pyup.io/docs/safety-20-policy-file for more information.
   It is recommended to pin your dependencies unless this is a library meant
   for distribution. To learn more about reporting these, specifier range
   handling, and options for scanning unpinned packages visit
   https://docs.pyup.io/docs/safety-range-specs

+==============================================================================+

 Scan was completed. 0 vulnerabilities were reported. 15 vulnerabilities from 4
 packages were ignored.

+==============================================================================+
```



⚠️ Security issues detected. Please review and address.


Security scan completed. Full reports available in workflow artifacts.

Copilot AI left a comment


Pull Request Overview

This PR implements an enhanced development workflow for TRCLI, introducing automated quality checks, pre-commit hooks, and development guidelines to improve code quality and consistency.

Key Changes:

  • Added pre-commit hooks for code formatting (Black) and linting (flake8) with commit message validation
  • Implemented GitHub Actions workflows for security scanning, PR validation, and checklist enforcement
  • Created comprehensive development workflow documentation with setup instructions and best practices

Reviewed Changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| setup-dev-tools.sh | Bash script to automate installation of pre-commit hooks and development tools |
| DEVELOPMENT_WORKFLOW.md | Comprehensive guide covering pre-commit setup, commit formats, PR process, and troubleshooting |
| .pre-commit-hooks/commit-msg.py | Python script to validate commit messages contain issue references (JIRA or GitHub) |
| .pre-commit-config.yaml | Pre-commit configuration with Black formatter and flake8 linter setup |
| .github/workflows/security-scan.yml | GitHub Actions workflow for dependency scanning and CodeQL analysis |
| .github/workflows/pr-validation.yml | Workflow to validate PR issue references and auto-label based on type |
| .github/workflows/pr-checklist.yml | Workflow to enforce PR checklist completion and required sections |
| .github/PULL_REQUEST_TEMPLATE.md | Fixed grammatical error in PR template |
| .bandit | Configuration file for Bandit security scanner |


@acuanico-tr-galt acuanico-tr-galt merged commit 60cfa6b into release/1.12.3 Oct 31, 2025
3 checks passed
@acuanico-tr-galt acuanico-tr-galt deleted the feature/TRCLI-185 branch October 31, 2025 02:20