otto 2.0.0.pre3 → 2.0.0.pre7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: abc8be5b60ac2a33d84dd0b89aec0e30797d36a995fdc26db7d9d2e65b28553f
-  data.tar.gz: 003a6c148c47011bbdc185c0035d9788f319b34eaa4bd2067cf06199749abf46
+  metadata.gz: 69a46d80f1fcc3f2472c44554fd7102645226e264befdd23af9871ad4f5fafaf
+  data.tar.gz: 54d8b433d49b549e17d3406aa011b6f4f80c50eefc5a6fa51dde1772fde8b8f2
 SHA512:
-  metadata.gz: 0b27bf0132a8648a0b7ba14c33e1c1553196447a34a826463572c2fb005c644cdcbadd9987b1b71787c41cc70332771034ac52bda39e76aaa2947c0b73138470
-  data.tar.gz: c45a50e6420a3a6a072abdbb03177228132359cc52193fdcbac230ea0b6f6aac8c86613190d4cb6be192125db6999510467a3a4a5abe0f1fee46e07e202448aa
+  metadata.gz: b518140043ad7ab983fb99e85ac9643ca4527385930d77a4b01e2b241b7212854fbc5e8875bc58b17e3d17c66fcfc6455b85587d023ceec13006876bec79a0d9
+  data.tar.gz: f64b842b58acc746ad39d58eac0fb57c245f1db29755f89d259d64bd127db3043034a9e8ada0ee19c04d969ec1bb34b515f5dfc1fcf36c80ceaeb9123ac2de6e

data/.github/workflows/ci.yml

@@ -45,7 +45,7 @@ jobs:
           bundler-cache: ${{ !matrix.experimental }}
 
       - name: Setup tmate session
-        uses: mxschmitt/action-tmate@7b6a61a73bbb9793cb80ad69b8dd8ac19261834c # v3
+        uses: mxschmitt/action-tmate@c0afd6f790e3a5564914980036ebf83216678101 # v3
         if: ${{ github.event_name == 'workflow_dispatch' && inputs.debug_enabled }}
         with:
           detached: true

data/.github/workflows/claude-code-review.yml

@@ -54,7 +54,7 @@ jobs:
       - name: Remove claude-review label
         # Remove label whether success or failure - prevents getting stuck
         if: always() && github.event.action != 'opened'
-        uses: actions/github-script@v7
+        uses: actions/github-script@v8
         with:
           script: |
             try {

data/.github/workflows/code-smells.yml

@@ -0,0 +1,146 @@
+# .github/workflows/code-smells.yml
+---
+name: Code Smells
+
+on:
+  pull_request:
+    branches: [main]
+  push:
+    branches: [main]
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  pull-requests: write # Needed to post comments on PRs
+
+jobs:
+  reek-analysis:
+    name: Reek Code Analysis
+    runs-on: ubuntu-24.04
+    timeout-minutes: 5
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.4
+          bundler-cache: true
+
+      - name: Configure Bundler for secure gem installation
+        run: |
+          bundle config set --local path 'vendor/bundle'
+          bundle config set --local deployment 'false'
+
+      - name: Install dependencies
+        run: bundle install --jobs 4 --retry 3
+
+      - name: Run Reek analysis
+        run: |
+          echo "=== Running Reek code analysis ==="
+          echo "This analysis identifies code smells and potential improvements."
+          echo "Results are informational and won't fail the build."
+          echo ""
+
+          # Run reek and capture output (don't fail on warnings)
+          # Use success-exit-code to prevent failures from stopping the analysis
+          bundle exec reek --format=text --success-exit-code 0 --failure-exit-code 0 || true
+
+          echo ""
+          echo "=== Reek analysis complete ==="
+        continue-on-error: true # Don't fail the build on code smells
+
+      - name: Generate Reek report
+        run: |
+          echo "=== Generating detailed Reek report ==="
+
+          # Generate JSON report for potential future processing
+          bundle exec reek --format=json --success-exit-code 0 --failure-exit-code 0 > reek-report.json || true
+
+          # If no JSON was generated, create an empty valid JSON array
+          if [ ! -s reek-report.json ]; then
+            echo "[]" > reek-report.json
+            echo "No code smells detected - created empty report"
+          else
+            echo "Reek JSON report generated: $(wc -l < reek-report.json) lines"
+            echo "Top code smell types found:"
+            jq -r '.[].smells[].smell_type' reek-report.json 2>/dev/null | sort | uniq -c | sort -rn | head -10 || echo "Unable to parse JSON report"
+          fi
+
+          # Also generate a human-readable HTML report for easier viewing
+          bundle exec reek --format=html --success-exit-code 0 --failure-exit-code 0 > reek-report.html || echo "<!-- No code smells detected -->" > reek-report.html
+        continue-on-error: true
+
+      - name: Upload Reek report as artifact
+        uses: actions/upload-artifact@v5
+        if: always()
+        with:
+          name: reek-report
+          path: |
+            reek-report.json
+            reek-report.html
+          if-no-files-found: ignore
+          retention-days: 30
+
+  additional-checks:
+    name: Additional Quality Checks
+    runs-on: ubuntu-24.04
+    timeout-minutes: 5
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.4
+          bundler-cache: true
+
+      - name: Configure Bundler for secure gem installation
+        run: |
+          bundle config set --local path 'vendor/bundle'
+          bundle config set --local deployment 'false'
+
+      - name: Install dependencies
+        run: bundle install --jobs 4 --retry 3
+
+      - name: Check for TODO/FIXME comments
+        run: |
+          echo "=== Scanning for TODO/FIXME comments ==="
+          echo "This helps track technical debt and action items."
+          echo ""
+
+          # Find TODO/FIXME comments (excluding vendor and tmp directories)
+          find . -name "*.rb" -not -path "./vendor/*" -not -path "./tmp/*" | \
+            xargs grep -Hn -i -E "(TODO|FIXME|HACK|XXX|NOTE):" 2>/dev/null | \
+            head -20 || echo "No TODO/FIXME comments found"
+        continue-on-error: true
+
+      - name: Check Ruby file syntax
+        run: |
+          echo "=== Checking Ruby syntax ==="
+          echo "Validates that all Ruby files have correct syntax."
+          echo ""
+
+          find . -name "*.rb" -not -path "./vendor/*" -not -path "./tmp/*" | \
+            while read -r file; do
+              if ! ruby -c "$file" > /dev/null 2>&1; then
+                echo "Syntax error in: $file"
+                ruby -c "$file"
+              fi
+            done
+        continue-on-error: true
+
+      - name: Check for long lines
+        run: |
+          echo "=== Checking for long lines (>120 characters) ==="
+          echo "Identifies potentially hard-to-read code lines."
+          echo ""
+
+          find . -name "*.rb" -not -path "./vendor/*" -not -path "./tmp/*" | \
+            xargs grep -Hn "^.\{121,\}$" | \
+            head -10 || echo "No overly long lines found"
+        continue-on-error: true

data/.gitignore

@@ -11,8 +11,12 @@
 .*.json
 !LICENSE.txt
 !spec/fixtures/*.txt
+!examples/**/*.md
+!README.md
+!CLAUDE.md
 .ruby-version
 appendonlydir
+data/
 etc/config
 log
 tmp

data/.pre-commit-config.yaml

@@ -96,12 +96,12 @@ repos:
 
   # Commit message issue tracking integration
   - repo: https://github.com/avilaton/add-msg-issue-prefix-hook
-    rev: v0.0.12
+    rev: v0.0.13
     hooks:
       - id: add-msg-issue-prefix
         stages: [prepare-commit-msg]
         description: Automatically prefix commits with issue numbers
         args:
           - "--default="
-          - '--pattern=(?:i18n(?=\/)|[a-zA-Z0-9]{0,10}-?[0-9]{1,5})'
+          - "--pattern=(i18n(?=/)|([a-zA-Z0-9]{0,10}-?[0-9]{1,5}))"
           - "--template=[#{}]"

data/.reek.yml

@@ -0,0 +1,99 @@
+# .reek.yml
+#
+# Reek configuration for Otto
+#
+# Basic commands:
+#   bundle exec reek                           # Analyze all Ruby files
+#   bundle exec reek lib/                      # Analyze specific directory
+#   bundle exec reek lib/otto.rb               # Analyze specific file
+#   bundle exec reek --help                    # Show all options
+#   bundle exec reek --docs                    # Open documentation
+#
+# Advanced usage:
+#   bundle exec reek --format=html > report.html     # Generate HTML report
+#   bundle exec reek --format=json                   # JSON output for CI
+#   bundle exec reek --config .reek.yml              # Use specific config
+#   bundle exec reek --show-docs IrresponsibleModule # Explain specific smell
+#   bundle exec reek --failure-exit-code 1           # Exit with error on smells (for CI)
+
+---
+detectors:
+  # Disable some detectors for initial adoption
+  # You can gradually enable these as you clean up the codebase
+
+  # Class/Module Structure
+  IrresponsibleModule:
+    enabled: false # Modules without documentation - start with this disabled
+
+  # Method Complexity
+  TooManyStatements:
+    enabled: true
+    max_statements: 15 # Default is 5, relaxed for initial adoption
+
+  TooManyMethods:
+    enabled: true
+    max_methods: 25 # Default is 15, relaxed for ORMs which often have many methods
+
+  LongParameterList:
+    enabled: true
+    max_params: 4 # Default is 3, slightly relaxed
+
+  # Data Classes and Feature Envy
+  DataClump:
+    enabled: true
+
+  FeatureEnvy:
+    enabled: true
+
+  # Control Structure
+  NestedIterators:
+    enabled: true
+    max_allowed_nesting: 2 # Default is 1, relaxed for data processing
+
+  # Variable and Constant Usage
+  UnusedParameters:
+    enabled: true
+
+  InstanceVariableAssumption:
+    enabled: true
+
+  # Naming
+  UncommunicativeParameterName:
+    enabled: true
+    reject:
+      - "/^.$/" # Single letter names
+      - "/[0-9]$/" # Names ending in numbers
+      - "/^_/" # Names starting with underscore (common Ruby pattern)
+    accept: []
+
+  UncommunicativeVariableName:
+    enabled: true
+    reject:
+      - "/^.$/" # Single letter names
+      - "/[0-9]$/" # Names ending in numbers
+    accept:
+      - e # Exception variable
+      - id # Common identifier
+      - db # Database connection
+      - op # Operation
+      - io # Input/output
+
+  UncommunicativeMethodName:
+    enabled: true
+    reject:
+      - "/^.$/" # Single letter method names
+      - "/[0-9]$/" # Methods ending in numbers
+    accept:
+      - "<<" # Common Ruby operator overload
+
+# Directory and file exclusions
+exclude_paths:
+  - "vendor/**/*.rb"
+  - "tmp/**/*.rb"
+  - "try/**/*.rb" # Test files using tryouts framework
+  - "examples/**/*.rb" # Example code files
+  - "bin/*" # Executable scripts
+  - "*.gemspec" # Gem specification files
+
+# Note: For limiting warnings output, use CLI: bundle exec reek | head -50
+# Note: For failure exit codes, use CLI: bundle exec reek --failure-exit-code 1

data/CHANGELOG.rst

@@ -7,6 +7,95 @@ The format is based on `Keep a Changelog <https://keepachangelog.com/en/1.1.0/>`
 
    <!--scriv-insert-here-->
 
+.. _changelog-2.0.0.pre6:
+
+2.0.0.pre6 — TBD
+================
+
+Changed
+-------
+
+- **BREAKING**: ``Otto.on_request_complete`` is now an instance method instead of a class method. This fixes duplicate callback invocations in multi-app architectures (e.g., Rack::URLMap with multiple Otto instances). Each Otto instance now maintains its own isolated set of callbacks that only fire for requests processed by that specific instance.
+
+  **Migration**: Change ``Otto.on_request_complete { |req, res, dur| ... }`` to ``otto.on_request_complete { |req, res, dur| ... }``
+
+- **Logging**: Eliminated duplicate error logging in route handlers. Previously, errors produced two log lines ("Handler execution failed" + "Unhandled error in request"). Now produces a single comprehensive error log with all context (handler, duration, error_id). Lambda handlers now use centralized error handling for consistency. #86
+
+Fixed
+-----
+
+- Fixed issue #84 where ``on_request_complete`` callbacks would fire N times per request in multi-app architectures, causing duplicate logging and metrics
+- Fixed ``Otto.structured_log`` to respect ``Otto.debug`` flag - debug logs are now properly skipped when ``Otto.debug = false``
+
+AI Assistance
+-------------
+
+- This enhancement was developed with assistance from Claude Code (Opus 4.1)
+
+.. _changelog-2.0.0.pre5:
+
+2.0.0.pre5 — 2025-10-21
+=======================
+
+Added
+-----
+
+- Added ``Otto::LoggingHelpers.log_timed_operation`` for automatic timing and error handling of operations
+- Added ``Otto::LoggingHelpers.log_backtrace`` for consistent backtrace logging with correlation fields
+- Added microsecond-precision timing to configuration freeze process
+- Added unique error ID generation for nested error handler failures (links via ``original_error_id``)
+
+Changed
+-------
+
+- Timing precision standardization: All timing calculations now use microsecond precision instead of milliseconds. This affects authentication duration tracking and request lifecycle timing. Duration values are now reported in microseconds as integers (e.g., ``15200`` instead of ``15.2``).
+- Request completion hooks API improvement: ``Otto.on_request_complete`` callbacks now receive a ``Rack::Response`` object instead of the raw ``[status, headers, body]`` tuple. This provides a more developer-friendly API consistent with ``Rack::Request``, allowing clean access via ``res.status``, ``res.headers``, and ``res.body`` instead of array indexing.
+- All timing now uses microseconds (``Otto::Utils.now_in_μs``) for consistency
+- Configuration freeze process now logs detailed timing metrics
+
+Documentation
+-------------
+
+- Added example application demonstrating three new logging patterns (``examples/logging_improvements.rb``)
+- Documented base context pattern for downstream projects to inject custom correlation fields
+- Added output examples for both structured and standard loggers
+
+AI Assistance
+-------------
+
+- This enhancement was developed with assistance from Claude Code (Opus 4.1)
+
+   .. _changelog-2.0.0.pre4:
+
+
+2.0.0.pre4 — 2025-10-20
+=======================
+Changed
+-------
+- Authentication moved from middleware to RouteAuthWrapper at handler level (executes after routing)
+- RouteAuthWrapper now wraps all routes and provides session persistence, security headers, strategy caching, and pattern matching (exact, prefix, fallback)
+- env['otto.strategy_result'] now guaranteed present on all routes (authenticated or anonymous)
+- Renamed MiddlewareStack#build_app to #wrap (reflects per-request wrapping vs one-time initialization)
+
+Removed
+-------
+- AuthenticationMiddleware (executed before routing)
+- enable_authentication! (RouteAuthWrapper handles auth automatically)
+- Defensive nil fallback from LogicClassHandler (no longer needed)
+
+Fixed
+-----
+- Session persistence: env['rack.session'] now references same object as strategy_result.session
+- Security headers included on all auth failure responses (401/302)
+- Anonymous routes now receive StrategyResult with IP metadata
+
+Documentation
+-------------
+- Updated CLAUDE.md with RouteAuthWrapper architecture
+- Updated env_keys.rb to document strategy_result guarantee
+- Added tests for anonymous route handling
+
+
 .. _changelog-2.0.0.pre2:
 
 2.0.0.pre2 — 2025-10-11
@@ -60,6 +149,7 @@ AI Assistance
 - Comprehensive migration of Logic classes and documentation with AI guidance for consistency
 - Automated test validation and intelligent file organization following Ruby conventions
 
+
 .. _changelog-2.0.0-pre1:
 
 2.0.0-pre1 — 2025-09-10