ato-mcp 0.2.3__tar.gz

ato_mcp-0.2.3/.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,72 @@
+name: Bug report
+description: Something works wrong, returns wrong data, or crashes.
+title: "[bug] "
+labels: ["bug"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for filing! Please give us enough to reproduce. The fastest path to a fix is a minimal reproducer + the version you're running.
+
+  - type: input
+    id: version
+    attributes:
+      label: ato-mcp version
+      description: Run `python -c "import ato_mcp; print(ato_mcp.__version__)"`
+      placeholder: 0.1.1
+    validations:
+      required: true
+
+  - type: dropdown
+    id: client
+    attributes:
+      label: MCP client
+      options:
+        - Claude Desktop
+        - Cursor
+        - Windsurf
+        - Cline
+        - Direct Python (no MCP client)
+        - Other
+    validations:
+      required: true
+
+  - type: textarea
+    id: reproducer
+    attributes:
+      label: Reproducer
+      description: |
+        The exact tool call(s) that trigger the bug. Either the MCP request payload or the equivalent Python:
+        ```python
+        from ato_mcp import server
+        await server.latest("F1.1", series="cash_rate_target")
+        ```
+      render: python
+    validations:
+      required: true
+
+  - type: textarea
+    id: actual
+    attributes:
+      label: What actually happened
+      description: Error message, wrong value, surprising response shape, etc.
+    validations:
+      required: true
+
+  - type: textarea
+    id: expected
+    attributes:
+      label: What you expected
+    validations:
+      required: true
+
+  - type: textarea
+    id: env
+    attributes:
+      label: Environment
+      description: |
+        - Python version (`python --version`)
+        - OS (macOS / Linux / Windows + version)
+        - How you installed (`uvx ato-mcp`, `uv pip install -e .`, etc.)
+      placeholder: |
+        Python 3.12.3, macOS 15, installed via uvx

ato_mcp-0.2.3/.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,11 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Question or how-to
+    url: https://github.com/Bigred97/ato-mcp/discussions/new?category=q-a
+    about: For "how do I" or "is it possible to" — start a Discussion instead of an issue.
+  - name: Show & tell — share what you built
+    url: https://github.com/Bigred97/ato-mcp/discussions/new?category=show-and-tell
+    about: Built something cool with ato-mcp? We'd love to see it.
+  - name: Security vulnerability
+    url: https://github.com/Bigred97/ato-mcp/security/advisories/new
+    about: Use the private security advisory flow — do NOT open a public issue.

ato_mcp-0.2.3/.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,46 @@
+name: Feature request
+description: Suggest a new tool, F-table, or behaviour.
+title: "[feat] "
+labels: ["enhancement"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for the suggestion. Higher chance of merge if you frame it around a real use case ("I want to ask Claude X and currently I have to do Y").
+
+  - type: textarea
+    id: use_case
+    attributes:
+      label: What are you trying to do?
+      placeholder: I want to ask Claude about ATO government bond yields and currently ato-mcp doesn't curate F2.
+    validations:
+      required: true
+
+  - type: textarea
+    id: proposal
+    attributes:
+      label: Proposed change
+      description: |
+        Concrete: which file would change, what would the new tool/curated YAML look like, what does the user-visible API become?
+    validations:
+      required: true
+
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives considered
+      description: e.g. "I could just pass raw ATO series IDs to get_data, but..."
+
+  - type: dropdown
+    id: scope
+    attributes:
+      label: Scope
+      options:
+        - Add a curated F-table YAML
+        - New MCP tool
+        - Change to existing tool's signature
+        - Change to default behaviour
+        - Documentation
+        - Other
+    validations:
+      required: true

ato_mcp-0.2.3/.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,26 @@
+## What & why
+
+<!-- One paragraph: what does this PR do, and what's the motivating use case or bug? -->
+
+## How
+
+<!-- Brief: which files changed and why? -->
+
+## Tests
+
+- [ ] All existing tests still pass (`uv run pytest -m "not live"`)
+- [ ] New behaviour has a test
+- [ ] If this touches the live-API surface, `uv run pytest -m live` is green
+
+## Compatibility
+
+- [ ] No breaking changes to the public MCP tool signatures
+- [ ] No breaking changes to the `DataResponse` / `TableDetail` JSON shape
+- [ ] CC-BY 4.0 attribution still surfaces in `DataResponse.attribution`
+- [ ] If any of the above is broken, this is justified in the PR body
+
+## Other
+
+- [ ] CHANGELOG.md updated
+- [ ] README updated if user-visible behaviour changed
+- [ ] No new dependencies (or new dep is justified above)

ato_mcp-0.2.3/.github/dependabot.yml

@@ -0,0 +1,39 @@
+version: 2
+
+updates:
+  # Python dependencies (pyproject.toml + uv.lock)
+  - package-ecosystem: pip
+    directory: "/"
+    schedule:
+      interval: weekly
+      day: monday
+      time: "10:00"
+      timezone: Australia/Sydney
+    open-pull-requests-limit: 5
+    groups:
+      # Group all minor + patch updates into one PR per week.
+      python-runtime-minor-patch:
+        applies-to: version-updates
+        update-types: [minor, patch]
+    labels: [dependencies]
+    commit-message:
+      prefix: deps
+      include: scope
+
+  # GitHub Actions used in workflows
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: weekly
+      day: monday
+      time: "10:00"
+      timezone: Australia/Sydney
+    open-pull-requests-limit: 3
+    groups:
+      gha-minor-patch:
+        applies-to: version-updates
+        update-types: [minor, patch]
+    labels: [dependencies, github-actions]
+    commit-message:
+      prefix: ci
+      include: scope

ato_mcp-0.2.3/.github/workflows/codeql.yml

@@ -0,0 +1,40 @@
+name: codeql
+
+# GitHub's free SAST scanning. Runs on push to main, on PRs, and weekly.
+# Findings appear under the repo's Security tab.
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+    - cron: "47 6 * * 1"   # Mondays 06:47 UTC — off-peak, offset 10min from rba-mcp
+
+jobs:
+  analyze:
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [python]
+    steps:
+      - uses: actions/checkout@v6
+
+      - name: Initialise CodeQL
+        uses: github/codeql-action/init@v4
+        with:
+          languages: ${{ matrix.language }}
+          queries: security-extended
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v4
+
+      - name: Analyze
+        uses: github/codeql-action/analyze@v4
+        with:
+          category: "/language:${{ matrix.language }}"

ato_mcp-0.2.3/.github/workflows/release.yml

@@ -0,0 +1,57 @@
+name: release
+
+# Push a tag like v0.3.0 → wheel is built and published to PyPI via
+# Trusted Publishing (OIDC, no API token in repo secrets). One-time setup:
+#   1. https://pypi.org/manage/account/publishing/
+#   2. Add a "pending publisher":
+#        PyPI project    = ato-mcp
+#        owner           = Bigred97
+#        repository      = ato-mcp
+#        workflow        = release.yml
+#        environment     = pypi
+#   3. Create a `pypi` environment in repo Settings → Environments
+#      (no secrets needed; the environment scopes the OIDC token).
+#      Optionally add a required-reviewers rule so a tag push waits for
+#      your manual approval before publishing.
+# Then any `git push origin vX.Y.Z` triggers this job.
+
+on:
+  push:
+    tags:
+      - "v*"
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    environment:
+      name: pypi
+      url: https://pypi.org/project/ato-mcp/
+    permissions:
+      id-token: write     # required for Trusted Publishing OIDC
+      contents: read
+    steps:
+      - uses: actions/checkout@v6
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v7
+
+      - name: Sanity-check the tag matches pyproject.toml
+        run: |
+          TAG_VERSION="${GITHUB_REF_NAME#v}"
+          PYPROJECT_VERSION=$(uv run python -c "import tomllib,sys; print(tomllib.load(open('pyproject.toml','rb'))['project']['version'])")
+          if [ "$TAG_VERSION" != "$PYPROJECT_VERSION" ]; then
+            echo "::error::Tag $GITHUB_REF_NAME does not match pyproject version $PYPROJECT_VERSION"
+            exit 1
+          fi
+          echo "Releasing version $PYPROJECT_VERSION"
+
+      - name: Build wheel + sdist
+        run: uv build
+
+      - name: Publish to PyPI (Trusted Publishing)
+        uses: pypa/gh-action-pypi-publish@release/v1
+
+      - uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/

ato_mcp-0.2.3/.github/workflows/test.yml

@@ -0,0 +1,60 @@
+name: tests
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+      - name: Install uv
+        uses: astral-sh/setup-uv@v7
+      - name: Run ruff check
+        # `uvx` runs ruff in an isolated managed env; avoids PEP 668
+        # "externally-managed environment" failure on Ubuntu 23.04+ runners
+        # that the previous `uv pip install --system` hit.
+        run: uvx "ruff>=0.5" check src/ tests/
+
+  test:
+    runs-on: ubuntu-latest
+    needs: lint
+    strategy:
+      fail-fast: false
+      matrix:
+        python-version: ["3.11", "3.12", "3.13"]
+    steps:
+      - uses: actions/checkout@v6
+      - name: Install uv
+        uses: astral-sh/setup-uv@v7
+        with:
+          enable-cache: true
+      - name: Set up Python ${{ matrix.python-version }}
+        run: uv python install ${{ matrix.python-version }}
+      - name: Sync dependencies
+        run: uv sync --extra dev
+      - name: Install package
+        run: uv pip install -e .
+      - name: Run unit tests
+        run: uv run pytest -q
+
+  build:
+    runs-on: ubuntu-latest
+    needs: test
+    steps:
+      - uses: actions/checkout@v6
+      - name: Install uv
+        uses: astral-sh/setup-uv@v7
+      - name: Build wheel + sdist
+        run: uv build
+      - name: Verify wheel installs cleanly
+        run: |
+          uv run --isolated --with ./dist/*.whl python -c \
+            "import ato_mcp.server as s; n = len(s.list_curated()); assert n >= 8, f'expected >=8 curated, got {n}'; print(f'OK ({n} curated datasets)')"
+      - uses: actions/upload-artifact@v4
+        with:
+          name: dist
+          path: dist/

ato_mcp-0.2.3/.gitignore

@@ -0,0 +1,17 @@
+__pycache__/
+*.py[cod]
+*.egg-info/
+.pytest_cache/
+.venv/
+venv/
+dist/
+build/
+.coverage
+.coverage.*
+htmlcov/
+.DS_Store
+*.swp
+*.swo
+.idea/
+.vscode/
+.ato-mcp-cache/