MPT-16656: configure repository

[svazquezco]

Summary by CodeRabbit

• Chores

  • Updated CI workflows, Dependabot, pre-commit tooling, Docker/dev setup, and cleanup steps.
  • Cleaned example environment sample (removed several env vars) and added CODEOWNERS.

• Refactor

  • Removed legacy runtime/API/event/initializer/pipeline modules and simplified project configuration, metadata, and Docker/compose setup.
  • Aligned build, analysis, and project naming to the new tool name.

• Documentation

  • README updated with new project name and concise description.

• Tests

  • Removed legacy tests and added a minimal placeholder test.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[github-actions]

	Warnings
⚠️	This PR changes 2810 lines across 29 files (threshold: 600). Please consider splitting it into smaller PRs for easier review.

✅ Found Jira issue key in the title: MPT-16656

Generated by 🚫 dangerJS against 54a451f

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR rebrands the project to "mpt_tool": removes the Django extension (API, events, AppConfig, initializer, settings, steps, tests), strips several .env.sample entries, and updates CI/CD, dependency tooling, Dockerfiles/compose, and project metadata to the new mpt_tool identity. (50 words)

Changes

Cohort / File(s)	Summary
Environment & Docs \.env.sample, README.md, sonar-project.properties	Removed six env vars from .env.sample; updated README badges/title/description to mpt_tool; adjusted Sonar projectKey/sources/inclusions/exclusions to mpt_tool and set sonar.python.version.
Dependency & Tooling config \.pre-commit-config.yaml, pyproject.toml	Bumped pre-commit hook revs, added Flake8; large pyproject.toml rework — project renamed to mpt-tool/mpt_tool, runtime deps cleared, dev deps and lint/test config reorganized.
CI/CD workflows .github/workflows/danger.yml, .github/workflows/pr-build-merge.yml, .github/workflows/release.yml	Upgraded actions/checkout v4→v6; PR workflow changed compose run target and added unconditional docker compose down cleanup; release workflow updated docker-login action, image tag, and dependency-track references.
Dependabot .github/dependabot.yml	Added Dependabot configuration with Python (weekly) and Docker/GHA (monthly) update pipelines, grouping, and commit-message conventions.
Docker & Compose dev.Dockerfile, prod.Dockerfile, docker-compose.yml	Workdir/copy paths changed /extension→/mpt_tool; default commands switched to bash; container names and volumes updated; docker-compose.yml simplified (removed env_file, ports/expose, and removed bash service).
Removed Django extension modules swo_playground/api.py, swo_playground/events.py, swo_playground/extension.py, swo_playground/initializer.py, swo_playground/steps.py, swo_playground/settings.py	Deleted API endpoints, auth/request/response schemas and client wrapper, event listener, AppConfig readiness checks, custom initializer, step classes/pipeline, and full Django settings (logging/OpenTelemetry/MPT config).
Removed management command swo_playground/management/commands/hello.py	Deleted simple hello Django management command.
Removed tests & test config tests/conftest.py, tests/django/settings.py, tests/test_steps.py	Removed autouse test fixture, test Django settings module, and step unit tests.
Added tests & repo metadata tests/dummy_test.py, .github/CODEOWNERS	Added a trivial tests/dummy_test.py and a .github/CODEOWNERS assigning ownership.

Sequence Diagram(s)

(omitted)

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Poem

🐇
I hopped through branches, nibbled old routes away,
Endpoints tucked and settings put to sleep,
Docker pockets changed their names at play,
CI learned a new trail to safely keep,
I twirl my whiskers — mpt_tool springs from the heap.

Pre-merge checks and finishing touches

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main objective of the PR, which is to configure the repository by updating project metadata, tooling, CI/CD workflows, and removing legacy extension-specific code.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch MPT-16656-configure-repository

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

README.md (1)

1-2: SonarCloud badges reference the old project name.

The badge URLs still point to softwareone-platform_swo-extension-playground, but the project has been renamed to softwareone-platform_mpt-tool (as per sonar-project.properties). These badges will show incorrect or missing data.

Proposed fix

-[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=softwareone-platform_swo-extension-playground&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=softwareone-platform_swo-extension-playground)
-[![Coverage](https://sonarcloud.io/api/project_badges/measure?project=softwareone-platform_swo-extension-playground&metric=coverage)](https://sonarcloud.io/summary/new_code?id=softwareone-platform_swo-extension-playground)
+[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=softwareone-platform_mpt-tool&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=softwareone-platform_mpt-tool)
+[![Coverage](https://sonarcloud.io/api/project_badges/measure?project=softwareone-platform_mpt-tool&metric=coverage)](https://sonarcloud.io/summary/new_code?id=softwareone-platform_mpt-tool)

🧹 Nitpick comments (1)

.github/workflows/release.yml (1)

17-18: Inconsistent checkout action version across workflows.

This workflow uses actions/checkout@v4 while .github/workflows/danger.yml was updated to actions/checkout@v6. If v6 is intentional and valid, consider updating this file for consistency; otherwise, revert danger.yml to v4.

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between dc63138 and f1eda74.

⛔ Files ignored due to path filters (1)

• uv.lock is excluded by !**/*.lock

📒 Files selected for processing (26)

• .env.sample
• .github/dependabot.yml
• .github/workflows/danger.yml
• .github/workflows/pr-build-merge.yml
• .github/workflows/release.yml
• .pre-commit-config.yaml
• README.md
• dev.Dockerfile
• docker-compose.yml
• mpt_tool/__init__.py
• prod.Dockerfile
• pyproject.toml
• sonar-project.properties
• swo_playground/api.py
• swo_playground/events.py
• swo_playground/extension.py
• swo_playground/initializer.py
• swo_playground/management/__init__.py
• swo_playground/management/commands/__init__.py
• swo_playground/management/commands/hello.py
• swo_playground/settings.py
• swo_playground/steps.py
• tests/conftest.py
• tests/django/__init__.py
• tests/django/settings.py
• tests/test_steps.py

💤 Files with no reviewable changes (11)

• .env.sample
• swo_playground/events.py
• tests/test_steps.py
• swo_playground/management/commands/hello.py
• swo_playground/extension.py
• swo_playground/api.py
• swo_playground/initializer.py
• tests/django/settings.py
• swo_playground/settings.py
• tests/conftest.py
• swo_playground/steps.py

🔇 Additional comments (18)

.github/workflows/release.yml (2)

27-34: LGTM on Docker login and image tag updates.

The upgrade to azure/docker-login@v2 and the image name change to mpt-tool align with the project rename.

---

36-40: LGTM on dependency-track workflow updates.

The workflow version bump to v2 and project name update to mpt-tool are consistent with the broader repository rename.

.github/dependabot.yml (1)

1-39: LGTM! Well-structured Dependabot configuration.

Good practices observed:

• Sensible scheduling (weekly for Python deps, monthly for Docker/Actions)
• Dependency grouping by production/development
• Consistent commit message prefixes
• Reasonable PR limits

sonar-project.properties (1)

1-13: LGTM! Sonar configuration updated for project rename.

The project key, sources, and inclusions are correctly updated to reflect the mpt_tool naming convention.

pyproject.toml (2)

10-10: Empty dependencies lists are intentional?

Both dependencies and runtime dependency groups are empty. If this is intentional for the initial setup, consider adding a comment to clarify, or ensure the required dependencies are added before the tool is functional.

Also applies to: 31-31

---

147-158: LGTM on new ruff lint configuration sections.

The import conventions, quotes, mccabe complexity, and pydocstyle settings are well-organized and follow common conventions.

README.md (1)

6-6: LGTM on the title update.

The README title correctly reflects the new project name.

dev.Dockerfile (2)

3-4: LGTM on working directory update.

The path changes from /extension to /mpt_tool align with the project rename.

---

13-13: LGTM on CMD change.

Using bash as the default command is appropriate for a development container, allowing interactive shell access.

.pre-commit-config.yaml (3)

8-9: pre-commit-hooks v6.0.0 is confirmed released.

Version v6.0.0 was published on 2025-08-09 and is a valid major version bump from v5.0.0. The dependency specification is correct.

---

20-23: uv-pre-commit 0.9.20 is a valid released version.

Confirmed: version 0.9.20 was released on 2025-12-30. No action required.

---

31-35: mypy v1.19.1 is a valid released version.

Confirmed released on December 15, 2025 via PyPI with documented fixes. No action required.

.github/workflows/danger.yml (1)

15-15: No action needed — actions/checkout@v6 is the latest stable version as of December 2025 and is the recommended version to use.

Likely an incorrect or invalid review comment.

.github/workflows/pr-build-merge.yml (2)

41-43: Good addition of cleanup step.

The docker compose down step with if: always() ensures containers are properly cleaned up regardless of workflow success or failure, preventing resource leaks in CI.

---

22-22: No action required. The workflow correctly specifies actions/checkout@v6, which is the current latest stable version. v4 is outdated.

Likely an incorrect or invalid review comment.

prod.Dockerfile (2)

3-4: Path updates align with repository restructuring.

The working directory and context path correctly reflect the migration from /extension to /mpt_tool.

---

13-13: No action needed. The CMD ["bash"] is intentional and appropriate for this library/tool project. This container is designed to run ad-hoc commands via docker compose run app rather than as a standalone service, as evidenced by the CI/CD pipeline, empty application code, and identical dev/prod Dockerfile configurations. The bash command is correct for the project's current use case.

docker-compose.yml (1)

3-9: Service configuration is correct and requires no env_file.

The container name, working directory, and volume mounts have been updated consistently to reflect the migration from /extension to /mpt_tool. No environment variables are referenced in the application code, and the prod.Dockerfile only sets standard Python virtual environment variables (VIRTUAL_ENV, PATH). The configuration requires no env_file directive.

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

sonar-project.properties (1)

13-13: Update sonar.python.version to specify the minor version.

Line 13 sets sonar.python.version=3, which is invalid. SonarQube's Python version property requires MAJOR.MINOR format (e.g., 3.12). The project targets Python 3.12 as specified in pyproject.toml (requires-python = ">=3.12,<4") and .python-version. Update this to sonar.python.version=3.12.

♻️ Duplicate comments (3)

.github/workflows/pr-build-merge.yml (2)

22-22: Verify that actions/checkout@v6 is a valid and stable release.

The upgrade from v4 to v6 skips v5, which may indicate an issue. Ensure that v6 exists, is stable, and review the changelog for any breaking changes that might affect this workflow.

Does GitHub actions/checkout@v6 exist and is it stable?

---

33-33: The test step does not execute any validation or tests.

The workflow runs docker compose run app without a command argument. Since the app service inherits CMD ["bash"] from prod.Dockerfile with no override in docker-compose.yml, bash starts in non-interactive mode and immediately exits. The pytest configuration in pyproject.toml is never invoked.

To execute tests, explicitly specify the command: docker compose run app pytest or update the Dockerfile/docker-compose to define a proper entrypoint that runs the test suite.

🔎 Proposed fix

-    - name: "Run validation & test"
-      run: docker compose run app
+    - name: "Run validation & test"
+      run: docker compose run app pytest

docker-compose.yml (1)

10-11: Remove unused port mapping.

The project is a migration tool library with no web service. Port 8080 in docker-compose.yml is not used by any application component and should be removed.

🔎 Proposed fix

     volumes:
       - .:/mpt_tool
-    ports:
-      - "8080:8080"

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f1eda74 and 3e5da26.

⛔ Files ignored due to path filters (1)

• uv.lock is excluded by !**/*.lock

📒 Files selected for processing (27)

• .env.sample
• .github/CODEOWNERS
• .github/dependabot.yml
• .github/workflows/danger.yml
• .github/workflows/pr-build-merge.yml
• .github/workflows/release.yml
• .pre-commit-config.yaml
• README.md
• dev.Dockerfile
• docker-compose.yml
• mpt_tool/__init__.py
• prod.Dockerfile
• pyproject.toml
• sonar-project.properties
• swo_playground/api.py
• swo_playground/events.py
• swo_playground/extension.py
• swo_playground/initializer.py
• swo_playground/management/__init__.py
• swo_playground/management/commands/__init__.py
• swo_playground/management/commands/hello.py
• swo_playground/settings.py
• swo_playground/steps.py
• tests/conftest.py
• tests/django/__init__.py
• tests/django/settings.py
• tests/test_steps.py

💤 Files with no reviewable changes (11)

• swo_playground/settings.py
• swo_playground/steps.py
• tests/conftest.py
• .env.sample
• swo_playground/extension.py
• tests/django/settings.py
• swo_playground/management/commands/hello.py
• tests/test_steps.py
• swo_playground/initializer.py
• swo_playground/events.py
• swo_playground/api.py

🚧 Files skipped from review as they are similar to previous changes (6)

• .github/workflows/release.yml
• dev.Dockerfile
• pyproject.toml
• .github/dependabot.yml
• prod.Dockerfile
• .pre-commit-config.yaml

🔇 Additional comments (6)

.github/CODEOWNERS (1)

1-1: LGTM!

The CODEOWNERS file is syntactically correct and appropriately assigns all code ownership to the @softwareone-platform/sirius team. This is a reasonable starting point for repository governance. Consider adding granular rules for specific directories or teams in the future if needed.

README.md (1)

1-2: ✓ Badges and project identity correctly updated.

The SonarCloud badge URLs, project title, and description are all correctly aligned with the new softwareone-platform_mpt-tool project key and the migration tool's purpose.

Also applies to: 6-6, 8-9

.github/workflows/pr-build-merge.yml (2)

41-43: Good addition: cleanup step ensures containers are stopped.

The new cleanup step using if: always() ensures that containers are properly stopped even if previous steps fail, preventing resource leaks in CI.

---

30-30: The app service is properly configured for testing.

The --all-groups flag in the Dockerfile's uv sync command ensures all dependency groups—including test dependencies—are installed in the build. The removal of the separate app_test service is appropriate since the unified app service includes the necessary test configuration.

docker-compose.yml (1)

3-9: LGTM: Configuration updates align with project rename.

The container name, working directory, and volume mappings have been consistently updated from ext_playground//extension to mpt_tool//mpt_tool, properly reflecting the project's rebranding.

.github/workflows/danger.yml (1)

15-15: Review the breaking changes introduced in actions/checkout@v6.

actions/checkout@v6 is a stable and official release. However, it includes breaking changes: improved credential handling (persist-credentials now stored under $RUNNER_TEMP) and authenticated git operations from Docker containers require Actions Runner v2.329.0+. Ensure this workflow's environment meets these requirements.

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3e5da26 and 94cb43c.

⛔ Files ignored due to path filters (1)

• uv.lock is excluded by !**/*.lock

📒 Files selected for processing (27)

• .env.sample
• .github/CODEOWNERS
• .github/dependabot.yml
• .github/workflows/danger.yml
• .github/workflows/pr-build-merge.yml
• .github/workflows/release.yml
• .pre-commit-config.yaml
• README.md
• dev.Dockerfile
• docker-compose.yml
• mpt_tool/__init__.py
• prod.Dockerfile
• pyproject.toml
• sonar-project.properties
• swo_playground/api.py
• swo_playground/events.py
• swo_playground/extension.py
• swo_playground/initializer.py
• swo_playground/management/__init__.py
• swo_playground/management/commands/__init__.py
• swo_playground/management/commands/hello.py
• swo_playground/settings.py
• swo_playground/steps.py
• tests/conftest.py
• tests/django/__init__.py
• tests/django/settings.py
• tests/test_steps.py

💤 Files with no reviewable changes (11)

• .env.sample
• tests/conftest.py
• swo_playground/api.py
• swo_playground/events.py
• swo_playground/steps.py
• swo_playground/initializer.py
• swo_playground/extension.py
• swo_playground/settings.py
• tests/test_steps.py
• swo_playground/management/commands/hello.py
• tests/django/settings.py

🚧 Files skipped from review as they are similar to previous changes (5)

• sonar-project.properties
• .github/workflows/release.yml
• .github/dependabot.yml
• docker-compose.yml
• .github/workflows/pr-build-merge.yml

🔇 Additional comments (14)

.github/CODEOWNERS (1)

1-1: LGTM!

The CODEOWNERS file is correctly structured with proper syntax and placement. The wildcard pattern appropriately assigns code ownership to the @softwareone-platform/sirius team across all repository paths, establishing clear ownership as part of the repository rebranding.

.github/workflows/danger.yml (1)

15-15: actions/checkout@v6 upgrade is appropriate.

v6 is stable and available. The main breaking change involves credentials handling (moved from .git/config to $RUNNER_TEMP), but this workflow doesn't use explicit credential configuration, so the upgrade is safe. Preserving the ref and fetch-depth parameters is correct.

.pre-commit-config.yaml (1)

25-29: LGTM! flake8 integration aligns with project configuration.

The addition of flake8 with the specified dependencies is consistent with the dev dependencies in pyproject.toml and the flake8 configuration section defined there.

pyproject.toml (5)

2-4: LGTM! Project metadata correctly updated for rebranding.

The project name and description have been properly updated to reflect the new identity as a migration tool for extensions.

---

10-10: Empty dependencies are appropriate for a standalone tool.

Both the main dependencies list and the runtime dependency group are empty, which is consistent with this being a self-contained migration tool without external runtime requirements.

Also applies to: 28-28

---

33-33: Coverage configuration correctly references the module name.

The --cov=mpt_tool flag correctly uses the filesystem module name (with underscore) rather than the distribution package name. This addresses the concern raised in previous review comments.

---

65-65: Empty per-file-ignores is acceptable.

An empty per-file-ignores list is valid and indicates no file-specific linting exceptions are needed.

---

144-156: LGTM! Tool configuration sections properly restructured.

The ruff plugin configuration sections have been properly organized under [tool.ruff.lint.*] namespace, which is the correct structure for ruff's lint plugin configurations.

README.md (2)

1-2: LGTM! Badge URLs correctly updated for the rebranded project.

The SonarCloud badge URLs have been properly updated to reference softwareone-platform_mpt-tool instead of the old project key.

---

6-9: LGTM! Clear and concise project description.

The updated title and description effectively communicate the purpose and scope of the MPT Tool as a migration tool for extensions with CLI-based interface.

prod.Dockerfile (2)

3-4: LGTM! Working directory correctly updated for rebranded project.

The COPY destination and WORKDIR have been properly updated from /extension to /mpt_tool, aligning with the project rebranding.

---

13-13: CMD changed from application execution to interactive shell.

The default command has been changed from swoext run --no-color to bash. This removes the automatic execution behavior and provides an interactive shell instead.

Please confirm this change is intentional, as it fundamentally alters how the production container starts. If the container is meant to run a specific command, consider whether this should be reverted or if the command should be specified at runtime.

dev.Dockerfile (2)

3-4: LGTM! Development environment paths correctly updated.

The COPY destination and WORKDIR have been properly updated from /extension to /mpt_tool, consistent with the production Dockerfile and the overall project rebranding.

---

13-13: CMD changed to interactive shell for development flexibility.

The default command has been changed from swoext run to bash, providing an interactive shell. This is appropriate for a development environment where developers need flexibility to run various commands.

This change mirrors the production Dockerfile. If the production container needs different behavior, please verify that it's configured appropriately (see comment on prod.Dockerfile).

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 94cb43c and 44de613.

⛔ Files ignored due to path filters (1)

• uv.lock is excluded by !**/*.lock

📒 Files selected for processing (28)

• .env.sample
• .github/CODEOWNERS
• .github/dependabot.yml
• .github/workflows/danger.yml
• .github/workflows/pr-build-merge.yml
• .github/workflows/release.yml
• .pre-commit-config.yaml
• README.md
• dev.Dockerfile
• docker-compose.yml
• mpt_tool/__init__.py
• prod.Dockerfile
• pyproject.toml
• sonar-project.properties
• swo_playground/api.py
• swo_playground/events.py
• swo_playground/extension.py
• swo_playground/initializer.py
• swo_playground/management/__init__.py
• swo_playground/management/commands/__init__.py
• swo_playground/management/commands/hello.py
• swo_playground/settings.py
• swo_playground/steps.py
• tests/conftest.py
• tests/django/__init__.py
• tests/django/settings.py
• tests/dummy_test.py
• tests/test_steps.py

💤 Files with no reviewable changes (11)

• swo_playground/initializer.py
• swo_playground/api.py
• swo_playground/steps.py
• swo_playground/management/commands/hello.py
• .env.sample
• tests/test_steps.py
• tests/django/settings.py
• swo_playground/extension.py
• swo_playground/events.py
• tests/conftest.py
• swo_playground/settings.py

🚧 Files skipped from review as they are similar to previous changes (7)

• .github/CODEOWNERS
• .github/workflows/danger.yml
• .github/dependabot.yml
• .github/workflows/release.yml
• sonar-project.properties
• dev.Dockerfile
• .pre-commit-config.yaml

🔇 Additional comments (11)

pyproject.toml (3)

30-35: LGTM!

The pytest configuration correctly references mpt_tool (with underscore) for coverage, matching the actual module directory name.

---

144-155: LGTM!

The new Ruff plugin configuration sections are properly structured and use reasonable settings for code quality enforcement.

---

19-26: No action required. All development dependencies specified in pyproject.toml lines 19-26 have valid versions on PyPI: mypy 1.19.0 and 1.19.1 (released November–December 2025), pytest-mock 3.15.0 and 3.15.1 (released September 2025), and ruff 0.14.10 (released December 2025). The version constraints are satisfied.

prod.Dockerfile (2)

3-4: LGTM!

Path updates to /mpt_tool are consistent with the project rebrand.

---

13-13: Verify the production container startup behavior is intentional.

The CMD was changed from a specific application command (swoext run --no-color) to a generic bash shell. This means the production container will start bash and exit immediately when run without arguments. If this migration tool is meant to be invoked as a CLI command rather than a long-running service, this change may be intentional. Please confirm this aligns with how the tool is deployed and used.

.github/workflows/pr-build-merge.yml (3)

33-33: LGTM!

The test step now properly executes validation and tests through the app_test service, which has a defined command in docker-compose.yml that runs ruff, flake8, mypy, and pytest.

---

41-43: LGTM!

The unconditional cleanup step ensures containers are stopped even if tests fail, preventing resource leaks in CI.

---

22-22: No changes needed. actions/checkout@v6 is the stable major release as of December 2025 and the current recommended version.

Likely an incorrect or invalid review comment.

docker-compose.yml (3)

2-9: LGTM!

The app service configuration is cleanly updated to the new mpt_tool naming, and the previously flagged unused port mapping has been correctly removed.

---

11-22: LGTM!

The app_test service is properly configured with a comprehensive validation command that runs formatting checks, linting, type checking, lock verification, and tests.

---

24-32: LGTM!

The format service is properly configured to auto-format code with consistent mpt_tool naming.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

pyproject.toml (1)

19-26: Verify that the specified dev dependency versions exist on PyPI.

A previous review flagged that several version specifiers (mypy==1.19., pytest-mock==3.15., ruff==0.14.*) may not exist on PyPI. Please confirm these versions are valid before merging, as invalid versions will cause dependency installation to fail.

#!/bin/bash
# Check if the specified versions exist on PyPI
packages=("mypy:1.19" "pytest-mock:3.15" "ruff:0.14" "pre-commit:4.5" "pytest:9.0" "pytest-cov:7.0" "pytest-deadfixtures:3.0" "wemake-python-styleguide:1.5")

for pkg_version in "${packages[@]}"; do
  IFS=':' read -r pkg version <<< "$pkg_version"
  echo "=== Checking $pkg for version $version ==="
  curl -s "https://pypi.org/pypi/$pkg/json" | jq -r ".releases | keys[] | select(startswith(\"$version\"))" | head -5
  echo ""
done

🧹 Nitpick comments (2)

.github/workflows/release.yml (1)

18-20: Inconsistency: Update checkout action version to match pr-build-merge.yml.

The pr-build-merge.yml workflow uses actions/checkout@v6, while this release workflow still uses v4. For consistency and to ensure both workflows use the latest stable version, consider upgrading this to match.

🔎 Proposed fix

-      uses: actions/checkout@v4
+      uses: actions/checkout@v6

README.md (1)

8-9: Consider adding installation and usage sections.

The description is clear, but the README would benefit from basic installation instructions, usage examples, and development setup guidance to help new contributors get started.

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 44de613 and 54a451f.

⛔ Files ignored due to path filters (1)

• uv.lock is excluded by !**/*.lock

📒 Files selected for processing (28)

• .env.sample
• .github/CODEOWNERS
• .github/dependabot.yml
• .github/workflows/danger.yml
• .github/workflows/pr-build-merge.yml
• .github/workflows/release.yml
• .pre-commit-config.yaml
• README.md
• dev.Dockerfile
• docker-compose.yml
• mpt_tool/__init__.py
• prod.Dockerfile
• pyproject.toml
• sonar-project.properties
• swo_playground/api.py
• swo_playground/events.py
• swo_playground/extension.py
• swo_playground/initializer.py
• swo_playground/management/__init__.py
• swo_playground/management/commands/__init__.py
• swo_playground/management/commands/hello.py
• swo_playground/settings.py
• swo_playground/steps.py
• tests/conftest.py
• tests/django/__init__.py
• tests/django/settings.py
• tests/dummy_test.py
• tests/test_steps.py

💤 Files with no reviewable changes (11)

• swo_playground/events.py
• tests/django/settings.py
• .env.sample
• tests/test_steps.py
• swo_playground/api.py
• tests/conftest.py
• swo_playground/steps.py
• swo_playground/initializer.py
• swo_playground/settings.py
• swo_playground/extension.py
• swo_playground/management/commands/hello.py

🚧 Files skipped from review as they are similar to previous changes (8)

• .github/CODEOWNERS
• .github/workflows/danger.yml
• tests/dummy_test.py
• .github/dependabot.yml
• docker-compose.yml
• prod.Dockerfile
• dev.Dockerfile
• .pre-commit-config.yaml

🔇 Additional comments (13)

.github/workflows/pr-build-merge.yml (3)

33-33: LGTM! Removal of --service-ports flag is appropriate.

The --service-ports flag is unnecessary for test execution and its removal simplifies the command without affecting functionality.

---

41-43: LGTM! Cleanup step improves resource management.

The unconditional cleanup step ensures containers are stopped and removed after test execution, preventing resource leaks in CI/CD runs.

---

22-22: No action required. actions/checkout@v6 is valid and available on GitHub Actions marketplace, with improved credential security as the main change. It maintains backward compatibility for typical workflows.

.github/workflows/release.yml (4)

33-34: LGTM! Image name update aligns with repository rebranding.

The Docker image name has been correctly updated from swo-extensions-playground to mpt-tool, consistent with the PR objectives.

---

39-39: LGTM! Project name update aligns with repository rebranding.

The projectName parameter has been correctly updated from swo-extension-playground to mpt-tool, consistent with the PR objectives.

---

27-27: No action required. The azure/docker-login@v2 action is an official, maintained GitHub Action by Azure, available on the GitHub Actions marketplace, and is stable for production use.

---

37-37: Reusable workflow reference is valid.

The workflow softwareone-platform/ops-template/.github/workflows/dependency-track-python-uv.yml@v2 exists and is accessible. The v2 tag is present in the repository.

sonar-project.properties (1)

1-13: LGTM! Configuration correctly updated for the project rename.

All SonarCloud configuration properties are consistent with the mpt_tool rebrand, and the Python version (3.12) matches the project requirements in pyproject.toml.

README.md (1)

1-6: LGTM! Branding updated correctly.

The badge URLs and project title are consistent with the mpt-tool rebrand.

pyproject.toml (4)

2-4: LGTM! Project metadata updated correctly.

The package name and description reflect the new mpt-tool identity. The hyphenated package name (mpt-tool) with underscored module name (mpt_tool) follows Python conventions.

---

33-33: LGTM! Pytest coverage configuration is correct.

The --cov=mpt_tool flag correctly references the module name with an underscore.

---

144-155: LGTM! Ruff plugin configurations are well-structured.

The linting configurations are properly organized with sensible defaults: import conventions, quote style, complexity limits, and docstring conventions.

---

10-10: This is an early-stage project (version 0.0.0) with a skeleton structure. The Python files contain only placeholder code with no external dependencies. Empty dependencies list is appropriate and intentional at this stage; dependencies for CLI frameworks and database drivers will be added as the project develops.