@oddessentials/repo-standards 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (19) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +202 -0
  3. package/dist/config/standards.csharp-dotnet.azure-devops.json +542 -0
  4. package/dist/config/standards.csharp-dotnet.github-actions.json +542 -0
  5. package/dist/config/standards.csharp-dotnet.json +603 -0
  6. package/dist/config/standards.json +1351 -0
  7. package/dist/config/standards.python.azure-devops.json +557 -0
  8. package/dist/config/standards.python.github-actions.json +557 -0
  9. package/dist/config/standards.python.json +618 -0
  10. package/dist/config/standards.typescript-js.azure-devops.json +555 -0
  11. package/dist/config/standards.typescript-js.github-actions.json +555 -0
  12. package/dist/config/standards.typescript-js.json +616 -0
  13. package/dist/index.d.ts +11 -0
  14. package/dist/index.d.ts.map +1 -0
  15. package/dist/index.js +42 -0
  16. package/dist/types.d.ts +21 -0
  17. package/dist/types.d.ts.map +1 -0
  18. package/dist/types.js +2 -0
  19. package/package.json +82 -0
package/dist/config/standards.python.azure-devops.json ADDED
@@ -0,0 +1,557 @@
1
+ {
2
+ "checklist": {
3
+ "core": [
4
+ {
5
+ "ciHints": {
6
+ "azure-devops": {
7
+ "stage": "quality"
8
+ }
9
+ },
10
+ "description": "Maintain proper .gitignore and .dockerignore files to prevent committing secrets, build artifacts, or unnecessary files.",
11
+ "id": "gitignore-and-dockerignore",
12
+ "label": "Git and Docker Ignore Files",
13
+ "stack": {
14
+ "exampleConfigFiles": [
15
+ ".gitignore",
16
+ ".dockerignore"
17
+ ],
18
+ "notes": "Use the official github/gitignore Python template. Include **pycache**, .venv/, .pytest_cache, .env, and similar local-only files. .dockerignore must exclude .git, virtual environments, and caches.",
19
+ "optionalFiles": [
20
+ ".dockerignore"
21
+ ],
22
+ "requiredFiles": [
23
+ ".gitignore"
24
+ ],
25
+ "verification": ".gitignore must exist; .dockerignore is recommended when containerizing or using Docker workflows."
26
+ }
27
+ },
28
+ {
29
+ "ciHints": {
30
+ "azure-devops": {
31
+ "stage": "quality"
32
+ }
33
+ },
34
+ "description": "Run static code linting to enforce consistency and catch common issues early.",
35
+ "id": "linting",
36
+ "label": "Linting",
37
+ "stack": {
38
+ "exampleConfigFiles": [
39
+ "pyproject.toml",
40
+ ".flake8"
41
+ ],
42
+ "exampleTools": [
43
+ "ruff",
44
+ "flake8"
45
+ ],
46
+ "notes": "Configure a primary linter (such as ruff) and keep rules focused on catching real issues without overwhelming developers.",
47
+ "optionalFiles": [
48
+ "ruff.toml",
49
+ ".flake8"
50
+ ],
51
+ "requiredFiles": [
52
+ "pyproject.toml"
53
+ ],
54
+ "requiredScripts": [
55
+ "lint"
56
+ ],
57
+ "verification": "pyproject.toml (or ruff.toml / .flake8) signals that linting tools are configured for the repository."
58
+ }
59
+ },
60
+ {
61
+ "ciHints": {
62
+ "azure-devops": {
63
+ "stage": "test"
64
+ }
65
+ },
66
+ "description": "Provide a deterministic unit test framework with a single command to run all tests.",
67
+ "id": "unit-test-runner",
68
+ "label": "Unit Test Runner",
69
+ "stack": {
70
+ "exampleConfigFiles": [
71
+ "pytest.ini",
72
+ "pyproject.toml"
73
+ ],
74
+ "exampleTools": [
75
+ "pytest"
76
+ ],
77
+ "notes": "Organize unit tests under a tests/ directory and avoid real network or database calls in this layer.",
78
+ "optionalFiles": [
79
+ "pytest.ini",
80
+ "pyproject.toml",
81
+ "tests/"
82
+ ],
83
+ "requiredScripts": [
84
+ "test"
85
+ ],
86
+ "verification": "Test framework configuration is present; tests/ directory or pytest configuration exists."
87
+ }
88
+ },
89
+ {
90
+ "ciHints": {
91
+ "azure-devops": {
92
+ "stage": "build"
93
+ }
94
+ },
95
+ "description": "Provide a Dockerfile and, if applicable, a docker-compose file for local dev and CI parity.",
96
+ "id": "containerization",
97
+ "label": "Containerization (Docker / Docker Compose)",
98
+ "stack": {
99
+ "exampleConfigFiles": [
100
+ "Dockerfile",
101
+ "docker-compose.yml"
102
+ ],
103
+ "exampleTools": [],
104
+ "notes": "Choose a slim Python base image, pin the version, and clearly document how to start the service in a container.",
105
+ "optionalFiles": [
106
+ "docker-compose.yml"
107
+ ],
108
+ "requiredFiles": [
109
+ "Dockerfile"
110
+ ],
111
+ "verification": "Dockerfile must be present; docker-compose.yml is optional and indicates orchestration usage."
112
+ }
113
+ },
114
+ {
115
+ "ciHints": {
116
+ "azure-devops": {
117
+ "stage": "release"
118
+ }
119
+ },
120
+ "description": "Use MAJOR.MINOR.PATCH versioning with clear rules and automated changelog generation based on commit history.",
121
+ "id": "semantic-versioning",
122
+ "label": "Semantic Versioning",
123
+ "stack": {
124
+ "exampleConfigFiles": [
125
+ "pyproject.toml",
126
+ "setup.cfg",
127
+ "CHANGELOG.md"
128
+ ],
129
+ "exampleTools": [
130
+ "bumpversion",
131
+ "setuptools_scm",
132
+ "towncrier"
133
+ ],
134
+ "notes": "Automate version bumping and changelog generation using setuptools_scm (git-tag based) or bumpversion with towncrier for changelog fragments. Configure CI to automatically update version in pyproject.toml, generate/update CHANGELOG.md from commit messages or changelog fragments, and create git tags. Maintain a single source of truth for versioning.",
135
+ "verification": "Check that the package version in pyproject or setup configuration follows SemVer and verify that the configured tool (for example, setuptools_scm or bumpversion) automatically computes or bumps the version and generates changelog entries from commit history or fragments."
136
+ }
137
+ },
138
+ {
139
+ "ciHints": {
140
+ "azure-devops": {
141
+ "stage": "quality"
142
+ }
143
+ },
144
+ "description": "Enforce structured commit messages such as Conventional Commits.",
145
+ "id": "commit-linting",
146
+ "label": "Commit Linting",
147
+ "stack": {
148
+ "exampleConfigFiles": [
149
+ ".cz.toml",
150
+ "pyproject.toml"
151
+ ],
152
+ "exampleTools": [
153
+ "commitizen"
154
+ ],
155
+ "notes": "Standardize commit messages using commitizen or a similar helper and document the required types and scopes.",
156
+ "verification": "Use the configured commit helper (for example, commitizen) or hooks to create a test commit and confirm that non-conforming messages are rejected while valid ones are accepted."
157
+ }
158
+ },
159
+ {
160
+ "ciHints": {
161
+ "azure-devops": {
162
+ "stage": "test"
163
+ }
164
+ },
165
+ "description": "Generate readable unit test and coverage reports and enforce a minimum coverage threshold (around 80%) for new or changed code.",
166
+ "id": "unit-test-reporter",
167
+ "label": "Unit Test Reporter / Coverage",
168
+ "stack": {
169
+ "exampleConfigFiles": [
170
+ "pytest.ini",
171
+ "pyproject.toml"
172
+ ],
173
+ "exampleTools": [
174
+ "pytest",
175
+ "pytest-cov",
176
+ "coverage.py"
177
+ ],
178
+ "notes": "Configure coverage reporting for your test suite and surface summary metrics in CI.",
179
+ "verification": "Run the unit tests with coverage (for example, pytest with pytest-cov) and confirm that coverage reports are generated and referenced in CI to enforce or track thresholds."
180
+ }
181
+ },
182
+ {
183
+ "ciHints": {
184
+ "azure-devops": {
185
+ "stage": "ci"
186
+ }
187
+ },
188
+ "description": "Single CI pipeline that runs linting, formatting, type checking, tests, coverage, build, and containerization.",
189
+ "id": "ci-quality-gates",
190
+ "label": "CI Quality Gates",
191
+ "stack": {
192
+ "exampleConfigFiles": [
193
+ ".github/workflows/*",
194
+ "azure-pipelines.yml"
195
+ ],
196
+ "exampleTools": [],
197
+ "notes": "Ensure CI runs linting, type checking (if used), tests, and packaging or container checks for Python services before merging.",
198
+ "verification": "Open the CI configuration and verify there is a job or stage that runs linting, type checking (if used), tests, and any packaging or container checks before merging to main."
199
+ }
200
+ },
201
+ {
202
+ "ciHints": {
203
+ "azure-devops": {
204
+ "stage": "quality"
205
+ }
206
+ },
207
+ "description": "Automatic code formatting to maintain a consistent style across all contributors.",
208
+ "id": "code-formatter",
209
+ "label": "Code Formatter",
210
+ "stack": {
211
+ "exampleConfigFiles": [
212
+ "pyproject.toml"
213
+ ],
214
+ "exampleTools": [
215
+ "black"
216
+ ],
217
+ "notes": "Use black (or an equivalent opinionated formatter) and treat its output as the single source of truth for code style.",
218
+ "verification": "Run the configured formatter (for example, `black .` or `black --check .`) and confirm it reports clean formatting on committed code and auto-fixes as expected locally."
219
+ }
220
+ },
221
+ {
222
+ "ciHints": {
223
+ "azure-devops": {
224
+ "stage": "quality"
225
+ }
226
+ },
227
+ "description": "Use git hooks to run linting, formatting, tests, and commit linting before changes are committed.",
228
+ "id": "pre-commit-hooks",
229
+ "label": "Pre-Commit Hooks",
230
+ "stack": {
231
+ "exampleConfigFiles": [
232
+ ".pre-commit-config.yaml"
233
+ ],
234
+ "exampleTools": [
235
+ "pre-commit"
236
+ ],
237
+ "notes": "Use pre-commit to run ruff, black, and optionally mypy on staged files before committing.",
238
+ "verification": "Inspect .pre-commit-config.yaml and confirm that hooks for linting, formatting, and optionally type checking are enabled and run on changed files before commits."
239
+ }
240
+ },
241
+ {
242
+ "ciHints": {
243
+ "azure-devops": {
244
+ "stage": "quality"
245
+ }
246
+ },
247
+ "description": "Use static type checking to catch errors before runtime and enforce strictness on new code.",
248
+ "id": "type-checking",
249
+ "label": "Type Checking",
250
+ "stack": {
251
+ "exampleConfigFiles": [
252
+ "mypy.ini",
253
+ "pyproject.toml"
254
+ ],
255
+ "exampleTools": [
256
+ "mypy"
257
+ ],
258
+ "notes": "Adopt gradual typing with type hints and mypy, focusing first on critical modules and new code paths.",
259
+ "optionalFiles": [
260
+ "mypy.ini"
261
+ ],
262
+ "requiredFiles": [
263
+ "pyproject.toml"
264
+ ],
265
+ "requiredScripts": [
266
+ "typecheck"
267
+ ],
268
+ "verification": "pyproject.toml (or mypy.ini) signals that mypy configuration is available for the repository."
269
+ }
270
+ },
271
+ {
272
+ "ciHints": {
273
+ "azure-devops": {
274
+ "stage": "quality"
275
+ }
276
+ },
277
+ "description": "Lock dependencies and scan regularly for known vulnerabilities; fail CI on newly introduced high-severity issues.",
278
+ "id": "dependency-security",
279
+ "label": "Dependency Management & Vulnerability Scanning",
280
+ "stack": {
281
+ "exampleConfigFiles": [
282
+ "requirements.txt",
283
+ "Pipfile.lock",
284
+ "poetry.lock"
285
+ ],
286
+ "exampleTools": [
287
+ "pip-audit",
288
+ "safety"
289
+ ],
290
+ "notes": "Pin dependency versions and routinely scan for vulnerabilities, prioritizing fixes for critical and high-severity issues.",
291
+ "optionalFiles": [
292
+ "requirements.txt",
293
+ "Pipfile.lock",
294
+ "poetry.lock"
295
+ ],
296
+ "verification": "Dependency lockfile is present; security scanning is configured in CI or project tooling."
297
+ }
298
+ },
299
+ {
300
+ "ciHints": {
301
+ "azure-devops": {
302
+ "stage": "quality"
303
+ }
304
+ },
305
+ "description": "Specify required runtime/engine versions in package manifests to ensure environment stability and prevent version-related issues across development teams.",
306
+ "id": "runtime-version",
307
+ "label": "Runtime Version Specification",
308
+ "stack": {
309
+ "exampleConfigFiles": [
310
+ "pyproject.toml",
311
+ "setup.py",
312
+ ".python-version"
313
+ ],
314
+ "exampleTools": [],
315
+ "notes": "Specify python_requires in pyproject.toml (e.g., requires-python = \">=3.9\") or setup.py (e.g., python_requires='>=3.9'). Consider adding .python-version for pyenv users to automatically switch to the correct Python version.",
316
+ "optionalFiles": [
317
+ ".python-version"
318
+ ],
319
+ "requiredFiles": [
320
+ "pyproject.toml"
321
+ ],
322
+ "verification": "pyproject.toml or setup.py must specify python_requires; .python-version is recommended for local development."
323
+ }
324
+ },
325
+ {
326
+ "ciHints": {
327
+ "azure-devops": {
328
+ "stage": "docs"
329
+ }
330
+ },
331
+ "description": "Maintain a comprehensive README and, where applicable, auto-generated API docs to support onboarding and maintainability.",
332
+ "id": "documentation",
333
+ "label": "Documentation Standards",
334
+ "stack": {
335
+ "exampleConfigFiles": [
336
+ "README.md",
337
+ "docs/"
338
+ ],
339
+ "exampleTools": [
340
+ "Sphinx",
341
+ "MkDocs"
342
+ ],
343
+ "notes": "Ensure README explains environment setup and core commands, and generate API docs from docstrings where appropriate.",
344
+ "optionalFiles": [
345
+ "docs/",
346
+ "mkdocs.yml"
347
+ ],
348
+ "requiredFiles": [
349
+ "README.md"
350
+ ],
351
+ "verification": "README.md is present in the repository root; docs/ directory or documentation tooling configuration exists if applicable."
352
+ }
353
+ },
354
+ {
355
+ "ciHints": {
356
+ "azure-devops": {
357
+ "stage": "governance"
358
+ }
359
+ },
360
+ "description": "Include standard governance files (LICENSE, CODE_OF_CONDUCT.md, CONTRIBUTING.md), branch protection rules, and review standards to define legal, ethical, and workflow expectations.",
361
+ "id": "repository-governance",
362
+ "label": "Repository Governance",
363
+ "stack": {
364
+ "exampleConfigFiles": [
365
+ "LICENSE",
366
+ "CODE_OF_CONDUCT.md",
367
+ "CONTRIBUTING.md"
368
+ ],
369
+ "exampleTools": [],
370
+ "notes": "Spell out contributor responsibilities for tests, documentation, and review so expectations are clear for Python-focused teams.",
371
+ "optionalFiles": [
372
+ "CODE_OF_CONDUCT.md",
373
+ "CONTRIBUTING.md"
374
+ ],
375
+ "requiredFiles": [
376
+ "LICENSE"
377
+ ],
378
+ "verification": "LICENSE file is present in the repository root; CODE_OF_CONDUCT.md and CONTRIBUTING.md are present for contribution guidance."
379
+ }
380
+ }
381
+ ],
382
+ "optionalEnhancements": [
383
+ {
384
+ "ciHints": {
385
+ "azure-devops": {
386
+ "stage": "observability"
387
+ }
388
+ },
389
+ "description": "Standardize error handling and structured logging to make debugging and production monitoring easier.",
390
+ "id": "observability",
391
+ "label": "Observability (Logging & Error Handling)",
392
+ "stack": {
393
+ "exampleConfigFiles": [
394
+ "logging configuration files",
395
+ "pyproject.toml"
396
+ ],
397
+ "exampleTools": [
398
+ "structlog",
399
+ "loguru"
400
+ ],
401
+ "notes": "Use structured logging for Python services and ensure critical paths record enough context to debug issues after the fact.",
402
+ "verification": "Confirm that a structured logging setup (such as structlog or configured logging with JSON formatting) is in place and that critical paths log enough information to debug failures in production."
403
+ }
404
+ }
405
+ ],
406
+ "recommended": [
407
+ {
408
+ "ciHints": {
409
+ "azure-devops": {
410
+ "stage": "test"
411
+ }
412
+ },
413
+ "description": "Test how components interact with each other and external systems, running after unit tests with more relaxed coverage thresholds.",
414
+ "id": "integration-testing",
415
+ "label": "Integration Testing",
416
+ "stack": {
417
+ "exampleConfigFiles": [
418
+ "tests/integration/"
419
+ ],
420
+ "exampleTools": [
421
+ "pytest"
422
+ ],
423
+ "notes": "Separate integration tests from unit tests, using fixtures to handle databases, services, or other external systems.",
424
+ "verification": "Confirm there is a separate integration or API test suite (for example, a dedicated tests/integration directory) and run it to verify interactions with databases, services, or external systems."
425
+ }
426
+ },
427
+ {
428
+ "ciHints": {
429
+ "azure-devops": {
430
+ "stage": "performance"
431
+ }
432
+ },
433
+ "description": "Establish performance baselines and monitor for regressions using lightweight benchmarks or audits in CI.",
434
+ "id": "performance-baselining",
435
+ "label": "Performance Baselines",
436
+ "stack": {
437
+ "exampleConfigFiles": [
438
+ "pytest.ini",
439
+ "pyproject.toml"
440
+ ],
441
+ "exampleTools": [
442
+ "pytest-benchmark",
443
+ "cProfile"
444
+ ],
445
+ "notes": "Use simple benchmarks or profiling runs to characterize bottlenecks and watch for regressions in critical workflows.",
446
+ "verification": "Identify and run the configured performance checks or benchmarks (for example, pytest-benchmark or cProfile-based scripts) and confirm that their results are recorded and compared over time."
447
+ }
448
+ },
449
+ {
450
+ "ciHints": {
451
+ "azure-devops": {
452
+ "stage": "quality"
453
+ }
454
+ },
455
+ "description": "Measure cyclomatic complexity or similar metrics to keep code maintainable, starting as a warning-only check.",
456
+ "id": "complexity-analysis",
457
+ "label": "Complexity Analysis",
458
+ "stack": {
459
+ "exampleConfigFiles": [
460
+ "radon.cfg"
461
+ ],
462
+ "exampleTools": [
463
+ "radon"
464
+ ],
465
+ "notes": "Use radon or similar tools to track complexity of Python functions and keep new code within acceptable limits.",
466
+ "verification": "Run the configured complexity tool (for example, radon) on the codebase and review the report to ensure new or heavily changed functions are not excessively complex."
467
+ }
468
+ },
469
+ {
470
+ "ciHints": {
471
+ "azure-devops": {
472
+ "stage": "quality"
473
+ }
474
+ },
475
+ "description": "Run accessibility checks on web-facing components to detect critical issues and improve inclusive UX.",
476
+ "id": "accessibility-auditing",
477
+ "label": "Accessibility Auditing",
478
+ "stack": {
479
+ "exampleConfigFiles": [],
480
+ "exampleTools": [
481
+ "pa11y"
482
+ ],
483
+ "notes": "Use headless browser-based tools to scan Python-backed web UIs for accessibility issues on high-traffic routes.",
484
+ "verification": "For Python-backed web UIs, run the configured accessibility tooling (for example, pa11y or axe via a headless browser) against key routes and verify that critical issues are fixed or tracked."
485
+ }
486
+ }
487
+ ]
488
+ },
489
+ "ciSystems": [
490
+ "azure-devops"
491
+ ],
492
+ "meta": {
493
+ "complexityChecks": {
494
+ "description": "When supported by the stack, run cyclomatic complexity or similar metrics in CI as a warning-only check initially.",
495
+ "enabledByDefault": true
496
+ },
497
+ "defaultCoverageThreshold": 0.8,
498
+ "migrationGuide": [
499
+ {
500
+ "description": "Start by adding pre-commit hooks and core formatting/linting so developers get fast feedback without touching CI.",
501
+ "focusIds": [
502
+ "pre-commit-hooks",
503
+ "linting",
504
+ "code-formatter"
505
+ ],
506
+ "notes": "Keep hooks fast and focused on changed files to avoid slowing down day-to-day work.",
507
+ "step": 1,
508
+ "title": "Establish Local Safety Nets First"
509
+ },
510
+ {
511
+ "description": "Introduce CI quality gates that mirror local checks, but treat existing violations as warnings wherever possible.",
512
+ "focusIds": [
513
+ "ci-quality-gates",
514
+ "linting",
515
+ "code-formatter",
516
+ "commit-linting"
517
+ ],
518
+ "notes": "Use diff-based tools or baselines so only new violations break builds; legacy issues remain visible but non-blocking.",
519
+ "step": 2,
520
+ "title": "Mirror Local Checks in CI (Soft-Fail on Legacy)"
521
+ },
522
+ {
523
+ "description": "Enable type-checking, coverage thresholds, and dependency/vulnerability scanning with gradual enforcement.",
524
+ "focusIds": [
525
+ "type-checking",
526
+ "unit-test-runner",
527
+ "unit-test-reporter",
528
+ "dependency-security"
529
+ ],
530
+ "notes": "Pin tool and runtime versions in CI and containers to avoid flaky differences across environments.",
531
+ "step": 3,
532
+ "title": "Add Type Safety, Coverage, and Dependency Security"
533
+ },
534
+ {
535
+ "description": "Add documentation standards, governance files, integration testing, performance baselines, complexity analysis, accessibility auditing, and (optionally) ML-specific practices for data-heavy Python repos.",
536
+ "focusIds": [
537
+ "documentation",
538
+ "repository-governance",
539
+ "integration-testing",
540
+ "performance-baselining",
541
+ "complexity-analysis",
542
+ "accessibility-auditing"
543
+ ],
544
+ "notes": "Tackle recommended items in order of business value; backend-only repos can skip web-focused checks like accessibility. For AI/ML-heavy Python teams, consider extending containerization with data versioning (DVC) and unit tests with data quality checks (e.g., Great Expectations) as part of this step.",
545
+ "step": 4,
546
+ "title": "Layer in Docs, Governance, and Recommended Checks"
547
+ }
548
+ ],
549
+ "qualityGatePolicy": {
550
+ "description": "New quality checks should warn on existing code and fail CI only for violations introduced in new or changed code, to reduce friction on legacy codebases.",
551
+ "preferSoftFailOnLegacy": true
552
+ }
553
+ },
554
+ "stack": "python",
555
+ "stackLabel": "Python",
556
+ "version": 1
557
+ }