Skip to content

Commit 5ffca7a

Browse files
Merge pull request #3 from MichaelsEngineering/feat/260316-085352
feat: add completed test artifacts, minimal code, and tests
2 parents 140ddea + 8fbf5a8 commit 5ffca7a

31 files changed

Lines changed: 2645 additions & 47 deletions

.github/CODEOWNERS

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
* @MichaelsEngineering
2+
.github/** @MichaelsEngineering
3+
plans/** @MichaelsEngineering
4+
scripts/agent-orchestrator/** @MichaelsEngineering
5+
src/** @MichaelsEngineering
6+
tests/** @MichaelsEngineering
7+
traces/** @MichaelsEngineering
8+
runs/** @MichaelsEngineering
9+
dev/** @MichaelsEngineering
10+
AGENTS.md @MichaelsEngineering
11+
README.md @MichaelsEngineering
12+
Makefile @MichaelsEngineering
13+
pyproject.toml @MichaelsEngineering
14+
LICENSE @MichaelsEngineering
Lines changed: 106 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,106 @@
1+
---
2+
name: "🐞/✨ Bug Report / Feature Request"
3+
about: Report a bug or suggest a new feature
4+
title: " "
5+
labels: ["bug", "enhancement"]
6+
assignees: ""
7+
---
8+
9+
## Header
10+
11+
- **Type**: Bug / Feature / Improvement
12+
- **Title**: _(Short summary)_
13+
14+
---
15+
16+
## Description
17+
Provide a clear and concise description of the issue or requested capability.
18+
19+
---
20+
21+
## Background & Context
22+
Where this occurs / why it matters / user type / business impact.
23+
24+
---
25+
26+
## For Bugs: Reproduction Steps
27+
(If Type = Bug)
28+
1. Step 1: _(what you did)_
29+
2. Step 2: _(what you did next)_
30+
3.
31+
**Expected behavior**:
32+
_(What you expected to happen)_
33+
**Actual behavior**:
34+
_(What actually happened)_
35+
**Environment / version / configuration**:
36+
- Product version:
37+
- Platform (OS / browser / device):
38+
- Any special setup:
39+
**Attachments / logs / screenshots**:
40+
_(Links or embed if supported)_
41+
42+
---
43+
44+
## For Features: Proposal
45+
(If Type = Feature or Improvement)
46+
- **What is the request?**
47+
_(Describe the new capability or change)_
48+
- **Why is it needed?**
49+
_(User pain, business value, user type)_
50+
- **User scenario / Use-case**:
51+
_(“When user X does Y, they want Z”)_
52+
- **Acceptance criteria / Success metrics**:
53+
_(How will you know if it’s done / valuable?)_
54+
- **Alternatives considered**:
55+
_(If you know other options or workarounds)_
56+
- **Priority / Urgency**:
57+
_(Low / Medium / High)_
58+
59+
---
60+
61+
## Impact & Scope
62+
- **Affected users / segments**:
63+
- **Frequency or severity** (bugs) / **Reach & benefit** (features):
64+
- **Dependencies or related issues**:
65+
- **Estimated effort / complexity** (optional, dev can fill):
66+
67+
---
68+
69+
## Notes for the Dev / Product Team (Optional)
70+
- **Suggested implementation approach** (optional):
71+
- **Workarounds currently in use**:
72+
- **Additional comments**:
73+
74+
---
75+
76+
## Prompt-Engineering Note
77+
When converting to a Codex-style prompt for generation or summarization, you might use:
78+
79+
analyze current prompt_guide.txt:
80+
Task:
81+
82+
Context:
83+
- Files:
84+
- Logs / stack trace:
85+
- Constraints:
86+
87+
Verify:
88+
- Run:
89+
- Expect:
90+
91+
Output:
92+
-
93+
94+
Task:
95+
96+
Context:
97+
- Files:
98+
- Logs / stack trace:
99+
- Constraints:
100+
101+
Verify:
102+
- Run:
103+
- Expect:
104+
105+
Output:
106+
-

.github/dependabot.yml

Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,51 @@
1+
version: 2
2+
updates:
3+
- package-ecosystem: "pip"
4+
directory: "/"
5+
schedule:
6+
interval: "weekly"
7+
day: "monday"
8+
time: "03:00"
9+
timezone: "UTC"
10+
open-pull-requests-limit: 5
11+
labels:
12+
- "dependencies"
13+
- "security"
14+
assignees:
15+
- "MichaelsEngineering"
16+
reviewers:
17+
- "MichaelsEngineering"
18+
groups:
19+
python-security:
20+
applies-to: security-updates
21+
patterns:
22+
- "*"
23+
python-routine:
24+
applies-to: version-updates
25+
patterns:
26+
- "*"
27+
28+
- package-ecosystem: "github-actions"
29+
directory: "/"
30+
schedule:
31+
interval: "weekly"
32+
day: "monday"
33+
time: "03:15"
34+
timezone: "UTC"
35+
open-pull-requests-limit: 5
36+
labels:
37+
- "dependencies"
38+
- "security"
39+
assignees:
40+
- "MichaelsEngineering"
41+
reviewers:
42+
- "MichaelsEngineering"
43+
groups:
44+
actions-security:
45+
applies-to: security-updates
46+
patterns:
47+
- "*"
48+
actions-routine:
49+
applies-to: version-updates
50+
patterns:
51+
- "*"

.github/pull_request_template.md

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,30 @@
1+
### What
2+
3+
-
4+
5+
### Why
6+
7+
-
8+
9+
### How
10+
11+
-
12+
13+
### Checks
14+
15+
- [x] `make check` passes locally
16+
- [ ] Added/updated tests
17+
- [ ] Docs or README updated if needed
18+
- [ ] Security impact assessed (`none` or brief rationale provided below)
19+
- [ ] Dependency and lockfile changes explicitly listed
20+
- [ ] Supply-chain provenance updated (SBOM/attestation artifacts linked when applicable)
21+
- [ ] Threat-model delta captured for behavior/config changes
22+
- [ ] Rollback plan included for this change
23+
- [ ] Confirmed no new network/time/nondeterministic sources in core loop paths (`src/runner.py`, `src/replay.py`, `src/replay_fixtures.py`)
24+
25+
### Security Notes
26+
27+
- Security impact:
28+
- Dependency or lockfile changes:
29+
- Threat-model delta:
30+
- Rollback plan:

.github/workflows/ci.yml

Lines changed: 62 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,62 @@
1+
name: ci
2+
3+
on:
4+
pull_request:
5+
push:
6+
branches:
7+
- main
8+
9+
permissions:
10+
contents: read
11+
12+
jobs:
13+
check:
14+
name: check
15+
runs-on: ubuntu-latest
16+
steps:
17+
- name: Checkout
18+
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
19+
- name: Setup Python 3.11
20+
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d
21+
with:
22+
python-version: "3.11"
23+
- name: Install uv
24+
run: python -m pip install --upgrade pip uv
25+
- name: Sync dependencies
26+
run: uv sync --dev
27+
- name: Run check
28+
run: uv run make check
29+
30+
gate:
31+
name: gate
32+
runs-on: ubuntu-latest
33+
steps:
34+
- name: Checkout
35+
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
36+
- name: Setup Python 3.11
37+
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d
38+
with:
39+
python-version: "3.11"
40+
- name: Install uv
41+
run: python -m pip install --upgrade pip uv
42+
- name: Sync dependencies
43+
run: uv sync --dev
44+
- name: Run deterministic gate
45+
run: uv run make gate
46+
47+
smoke:
48+
name: smoke
49+
runs-on: ubuntu-latest
50+
steps:
51+
- name: Checkout
52+
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
53+
- name: Setup Python 3.11
54+
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d
55+
with:
56+
python-version: "3.11"
57+
- name: Install uv
58+
run: python -m pip install --upgrade pip uv
59+
- name: Sync dependencies
60+
run: uv sync --dev
61+
- name: Run smoke test
62+
run: uv run make smoke

.github/workflows/codeql.yml

Lines changed: 125 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,125 @@
1+
# For most projects, this workflow file will not need changing; you simply need
2+
# to commit it to your repository.
3+
#
4+
# You may wish to alter this file to override the set of languages analyzed,
5+
# or to provide custom queries or build logic.
6+
#
7+
# ******** NOTE ********
8+
# We have attempted to detect the languages in your repository. Please check
9+
# the `language` matrix defined below to confirm you have the correct set of
10+
# supported CodeQL languages.
11+
#
12+
name: "CodeQL Advanced"
13+
14+
on:
15+
push:
16+
branches: [ "main" ]
17+
paths:
18+
- ".github/workflows/**"
19+
- ".gitignore"
20+
- "Makefile"
21+
- "dev/**"
22+
- "scripts/**"
23+
- "src/**"
24+
- "tests/**"
25+
- "pyproject.toml"
26+
- "uv.lock"
27+
pull_request:
28+
branches: [ "main" ]
29+
paths:
30+
- ".github/workflows/**"
31+
- ".gitignore"
32+
- "Makefile"
33+
- "dev/**"
34+
- "scripts/**"
35+
- "src/**"
36+
- "tests/**"
37+
- "pyproject.toml"
38+
- "uv.lock"
39+
schedule:
40+
- cron: '24 19 * * 2'
41+
42+
concurrency:
43+
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
44+
cancel-in-progress: true
45+
46+
jobs:
47+
analyze:
48+
name: Analyze (${{ matrix.language }})
49+
# Runner size impacts CodeQL analysis time. To learn more, please see:
50+
# - https://gh.io/recommended-hardware-resources-for-running-codeql
51+
# - https://gh.io/supported-runners-and-hardware-resources
52+
# - https://gh.io/using-larger-runners (GitHub.com only)
53+
# Consider using larger runners or machines with greater resources for possible analysis time improvements.
54+
runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
55+
permissions:
56+
# required for all workflows
57+
security-events: write
58+
59+
# required to fetch internal or private CodeQL packs
60+
packages: read
61+
62+
# only required for workflows in private repositories
63+
actions: read
64+
contents: read
65+
66+
strategy:
67+
fail-fast: false
68+
matrix:
69+
include:
70+
- language: actions
71+
build-mode: none
72+
- language: python
73+
build-mode: none
74+
# CodeQL supports the following values keywords for 'language': 'actions', 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'rust', 'swift'
75+
# Use `c-cpp` to analyze code written in C, C++ or both
76+
# Use 'java-kotlin' to analyze code written in Java, Kotlin or both
77+
# Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
78+
# To learn more about changing the languages that are analyzed or customizing the build mode for your analysis,
79+
# see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
80+
# If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
81+
# your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
82+
steps:
83+
- name: Checkout repository
84+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5
85+
86+
# Add any setup steps before running the `github/codeql-action/init` action.
87+
# This includes steps like installing compilers or runtimes (`actions/setup-node`
88+
# or others). This is typically only required for manual builds.
89+
# - name: Setup runtime (example)
90+
# uses: actions/setup-example@v1
91+
92+
# Initializes the CodeQL tools for scanning.
93+
- name: Initialize CodeQL
94+
uses: github/codeql-action/init@a60c4df7a135c7317c1e9ddf9b5a9b07a910dda9
95+
with:
96+
languages: ${{ matrix.language }}
97+
build-mode: ${{ matrix.build-mode }}
98+
# If you wish to specify custom queries, you can do so here or in a config file.
99+
# By default, queries listed here will override any specified in a config file.
100+
# Prefix the list here with "+" to use these queries and those in the config file.
101+
102+
# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
103+
# queries: security-extended,security-and-quality
104+
105+
# If the analyze step fails for one of the languages you are analyzing with
106+
# "We were unable to automatically build your code", modify the matrix above
107+
# to set the build mode to "manual" for that language. Then modify this step
108+
# to build your code.
109+
# ℹ️ Command-line programs to run using the OS shell.
110+
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
111+
- name: Run manual build steps
112+
if: matrix.build-mode == 'manual'
113+
shell: bash
114+
run: |
115+
echo 'If you are using a "manual" build mode for one or more of the' \
116+
'languages you are analyzing, replace this with the commands to build' \
117+
'your code, for example:'
118+
echo ' make bootstrap'
119+
echo ' make release'
120+
exit 1
121+
122+
- name: Perform CodeQL Analysis
123+
uses: github/codeql-action/analyze@a60c4df7a135c7317c1e9ddf9b5a9b07a910dda9
124+
with:
125+
category: "/language:${{matrix.language}}"

0 commit comments

Comments
 (0)