Skip to content

Commit 28c744d

Browse files
ci: minimal scope — fix install, lint+tests only, Dependabot alerts-only
- pyproject: PEP 639 license string + setuptools>=77 (fixes editable install failure 'project.license must be string' that was breaking ALL CI) - CI reduced to two jobs: Lint (ruff check + format) and Tests (3.13) (unit) - remove security-scan and release-please workflows (noise / not needed now) - remove dependabot.yml (no automated dependency PRs) - Dependabot: vulnerability alerts ON (Security tab), automated fixes OFF - docs updated to match Co-Authored-By: claude-flow <ruv@ruv.net>
1 parent b74f907 commit 28c744d

7 files changed

Lines changed: 14 additions & 127 deletions

File tree

.github/dependabot.yml

Lines changed: 0 additions & 30 deletions
This file was deleted.

.github/workflows/ci.yml

Lines changed: 8 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ concurrency:
1515

1616
jobs:
1717
lint:
18-
name: Lint & type-check
18+
name: Lint
1919
runs-on: ubuntu-latest
2020
steps:
2121
- uses: actions/checkout@v4
@@ -27,27 +27,23 @@ jobs:
2727
run: |
2828
python -m pip install --upgrade pip
2929
pip install -e ".[dev]"
30-
- name: Ruff (lint)
30+
- name: Ruff lint
3131
run: ruff check .
32-
- name: Mypy (type-check)
33-
run: mypy src/orchestrator
32+
- name: Ruff format check
33+
run: ruff format --check .
3434

3535
test:
36-
name: Tests
36+
name: Tests (3.13)
3737
runs-on: ubuntu-latest
38-
strategy:
39-
fail-fast: false
40-
matrix:
41-
python-version: ["3.13"]
4238
steps:
4339
- uses: actions/checkout@v4
4440
- uses: actions/setup-python@v5
4541
with:
46-
python-version: ${{ matrix.python-version }}
42+
python-version: "3.13"
4743
cache: pip
4844
- name: Install
4945
run: |
5046
python -m pip install --upgrade pip
5147
pip install -e ".[dev]"
52-
- name: Pytest (unit, no external services)
53-
run: pytest -m "not integration and not e2e and not live_mcp" --cov=orchestrator --cov-report=xml -n auto
48+
- name: Unit tests
49+
run: pytest tests/unit -q

.github/workflows/release-please.yml

Lines changed: 0 additions & 19 deletions
This file was deleted.

.github/workflows/security.yml

Lines changed: 0 additions & 58 deletions
This file was deleted.

CHANGELOG.md

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -11,11 +11,10 @@ and Continuum adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.ht
1111
- GitHub issue templates (`bug.yml`, `feature.yml`, `question.yml`) and a chooser config that disables blank issues and routes security reports to a private advisory.
1212
- Pull request template with Conventional-Commits typing, DCO checkbox, and lint/type/test gates.
1313
- `CODEOWNERS` for automatic review routing.
14-
- Dependabot configured for security-only updates (`pip`, `github-actions`); routine version-bump PRs are disabled.
14+
- Dependabot vulnerability **alerts** (surfaced in the Security tab); automated dependency PRs are disabled.
1515
- `MAINTAINERS.md` with the current maintainer list, tone rules, and escalation path.
1616
- `SECURITY.md` with the private disclosure channel and severity SLAs.
17-
- CI workflow (`ruff`, `mypy`, `pytest`) and security scan workflow (`gitleaks`, `pip-audit`, `bandit`).
18-
- `release-please` workflow for automated version bumps and changelog updates.
17+
- Minimal CI workflow: ruff lint + format check and unit tests on `main`/`dev`.
1918

2019
### Changed
2120
- _Nothing yet._

CONTRIBUTING.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -47,14 +47,14 @@ Both `main` and `dev` are protected. Configure under **Settings → Branches →
4747
| Required approving reviews | 1 (from a maintainer) | 1 |
4848
| Dismiss stale approvals on new commits |||
4949
| Require status checks to pass |||
50-
| Required checks | `Lint & type-check`, `Tests (3.13)`, `Secret scan (gitleaks)` | same |
50+
| Required checks | `Lint`, `Tests (3.13)` | same |
5151
| Require branches up to date before merging |||
5252
| Require signed-off commits (DCO) |||
5353
| Require linear history |||
5454
| Restrict who can push | maintainers only | maintainers only |
5555
| Allow force pushes / deletions |||
5656

57-
`pip-audit` and `bandit` run as **advisory** checks (non-blocking) — review their output, but they will not gate a merge. Direct pushes to `main`/`dev` are disabled; all changes land through PRs.
57+
Security is handled out of band, not as a gating check: Dependabot vulnerability **alerts** surface in the **Security** tab (no automated PRs). Direct pushes to `main`/`dev` are disabled; all changes land through PRs.
5858

5959
## Commit messages
6060

pyproject.toml

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
[build-system]
2-
requires = ["setuptools>=68.0", "wheel"]
2+
requires = ["setuptools>=77.0", "wheel"]
33
build-backend = "setuptools.build_meta"
44

55
[project]
@@ -8,7 +8,7 @@ version = "0.2.0"
88
description = "Agentic Framework for Enterprise-Wide Execution with multi-LLM provider support, observability, and error tracking"
99
readme = "README.md"
1010
requires-python = ">=3.13"
11-
license = {text = "Apache-2.0"}
11+
license = "Apache-2.0"
1212
license-files = ["LICENSE", "NOTICE"]
1313
authors = [
1414
{name = "Bhavik Ardeshna", email = "continuum@shyftlabs.io"}
@@ -26,7 +26,6 @@ keywords = [
2626
classifiers = [
2727
"Development Status :: 3 - Alpha",
2828
"Intended Audience :: Developers",
29-
"License :: OSI Approved :: Apache Software License",
3029
"Programming Language :: Python :: 3",
3130
"Programming Language :: Python :: 3.13",
3231
"Topic :: Software Development :: Libraries :: Python Modules",

0 commit comments

Comments
 (0)