gitflow-analytics 3.3.0__py3-none-any.whl → 3.5.2__py3-none-any.whl

gitflow_analytics/core/data_fetcher.py

@@ -18,6 +18,7 @@ from typing import Any, Optional
 from sqlalchemy import func
 from sqlalchemy.orm import Session
 
+from ..constants import BatchSizes, Timeouts
 from ..extractors.story_points import StoryPointExtractor
 from ..extractors.tickets import TicketExtractor
 from ..integrations.jira_integration import JIRAIntegration
@@ -59,7 +60,7 @@ class GitDataFetcher:
         allowed_ticket_platforms: Optional[list[str]] = None,
         exclude_paths: Optional[list[str]] = None,
         skip_remote_fetch: bool = False,
-    ):
+    ) -> None:
         """Initialize the data fetcher.
 
         Args:
@@ -96,7 +97,7 @@ class GitDataFetcher:
         self.identity_resolver = DeveloperIdentityResolver(identity_db_path)
 
         # Initialize git timeout wrapper for safe operations
-        self.git_wrapper = GitTimeoutWrapper(default_timeout=30)
+        self.git_wrapper = GitTimeoutWrapper(default_timeout=Timeouts.DEFAULT_GIT_OPERATION)
 
         # Statistics for tracking repository processing
         self.processing_stats = {
@@ -170,10 +171,10 @@ class GitDataFetcher:
                     progress.start_repository(f"{project_key} (cloning)", 0)
                 else:
                     # Rough estimate based on weeks
-                    estimated_commits = weeks_back * 50  # Estimate ~50 commits per week
+                    estimated_commits = weeks_back * BatchSizes.COMMITS_PER_WEEK_ESTIMATE
                     progress.start_repository(project_key, estimated_commits)
             except Exception:
-                progress.start_repository(project_key, 100)  # Default estimate
+                progress.start_repository(project_key, BatchSizes.DEFAULT_PROGRESS_ESTIMATE)
 
         # Step 1: Collect all commits organized by day with enhanced progress tracking
         logger.info("🔍 DEBUG: About to fetch commits by day")
@@ -402,8 +403,13 @@ class GitDataFetcher:
                         if hasattr(_thread_local, "temp_dir"):
                             shutil.rmtree(_thread_local.temp_dir, ignore_errors=True)
                             delattr(_thread_local, "temp_dir")
-                    except:
-                        pass
+                    except OSError as e:
+                        # Log cleanup failures but don't fail the operation
+                        logger.debug(f"Failed to clean up temp directory for {project_key}: {e}")
+                    except Exception as e:
+                        logger.warning(
+                            f"Unexpected error during temp cleanup for {project_key}: {e}"
+                        )
 
                 try:
                     # Configure git to never prompt for credentials
@@ -506,8 +512,14 @@ class GitDataFetcher:
                 # Estimate based on first branch (multiply by number of branches for rough estimate)
                 len(sample_commits) * len(branches_to_analyze)
                 break
-        except:
-            len(days_to_process) * 50  # Default estimate
+        except GitOperationTimeout:
+            logger.warning(
+                f"Timeout while sampling commits for {project_key}, using default estimate"
+            )
+            len(days_to_process) * BatchSizes.COMMITS_PER_WEEK_ESTIMATE  # Default estimate
+        except Exception as e:
+            logger.debug(f"Could not sample commits for {project_key}: {e}, using default estimate")
+            len(days_to_process) * BatchSizes.COMMITS_PER_WEEK_ESTIMATE  # Default estimate
 
         # Update repository in Rich display with estimated commit count
         if hasattr(progress, "_use_rich") and progress._use_rich:
@@ -537,18 +549,25 @@ class GitDataFetcher:
                 for branch_name in branches_to_analyze:
                     try:
                         # Fetch commits for this specific day and branch with timeout protection
-                        def fetch_branch_commits():
+                        def fetch_branch_commits(
+                            branch: str = branch_name,
+                            start: datetime = day_start,
+                            end: datetime = day_end,
+                        ) -> list[Any]:
+                            """Fetch commits for a specific branch and day range.
+
+                            Returns:
+                                List of GitPython commit objects
+                            """
                             return list(
-                                repo.iter_commits(
-                                    branch_name, since=day_start, until=day_end, reverse=False
-                                )
+                                repo.iter_commits(branch, since=start, until=end, reverse=False)
                             )
 
                         # Use timeout wrapper to prevent hanging on iter_commits
                         try:
                             branch_commits = self.git_wrapper.run_with_timeout(
                                 fetch_branch_commits,
-                                timeout=15,  # 15 seconds per branch/day combination
+                                timeout=Timeouts.GIT_BRANCH_ITERATION,
                                 operation_name=f"iter_commits_{branch_name}_{day_str}",
                             )
                         except GitOperationTimeout:
@@ -913,23 +932,28 @@ class GitDataFetcher:
         except Exception as e:
             logger.debug(f"Error getting local branches: {e}")
 
-        # If we have remotes, also consider remote branches (but clean the names)
+        # If we have remotes, also consider remote branches (keep full remote reference)
         # Skip remote branch checking if skip_remote_fetch is enabled to avoid auth prompts
         if not self.skip_remote_fetch:
             try:
                 if repo.remotes and hasattr(repo.remotes, "origin"):
+                    # CRITICAL FIX: Keep full remote reference (origin/branch-name) for accessibility testing
+                    # Remote branches need the full reference to work with iter_commits()
                     # THREAD SAFETY: Create a new list to avoid sharing references
                     remote_branches = list(
                         [
-                            ref.name.replace("origin/", "")
+                            ref.name  # Keep full "origin/branch-name" format
                             for ref in repo.remotes.origin.refs
                             if not ref.name.endswith("HEAD")  # Skip HEAD ref
                         ]
                     )
-                    # Only add remote branches that aren't already in local branches
-                    for branch in remote_branches:
-                        if branch not in available_branches:
-                            available_branches.append(branch)
+                    # Add remote branches with full reference (origin/branch-name)
+                    # Extract short name only for duplicate checking against local branches
+                    for branch_ref in remote_branches:
+                        short_name = branch_ref.replace("origin/", "")
+                        # Only add if we don't have this branch locally
+                        if short_name not in available_branches:
+                            available_branches.append(branch_ref)  # Store full reference
                     logger.debug(f"Found remote branches: {remote_branches}")
             except Exception as e:
                 logger.debug(f"Error getting remote branches (may require authentication): {e}")
@@ -1043,7 +1067,9 @@ class GitDataFetcher:
                 repo_path = Path(repo.working_dir)
 
                 # Try to fetch with timeout protection
-                fetch_success = self.git_wrapper.fetch_with_timeout(repo_path, timeout=30)
+                fetch_success = self.git_wrapper.fetch_with_timeout(
+                    repo_path, timeout=Timeouts.GIT_FETCH
+                )
 
                 if not fetch_success:
                     # Mark this repository as having authentication issues if applicable
@@ -1070,7 +1096,9 @@ class GitDataFetcher:
                     tracking = current_branch.tracking_branch()
                     if tracking:
                         # Pull latest changes using timeout wrapper
-                        pull_success = self.git_wrapper.pull_with_timeout(repo_path, timeout=30)
+                        pull_success = self.git_wrapper.pull_with_timeout(
+                            repo_path, timeout=Timeouts.GIT_PULL
+                        )
                         if pull_success:
                             logger.debug(f"Pulled latest changes for {current_branch.name}")
                         else:
@@ -1137,7 +1165,7 @@ class GitDataFetcher:
                 cwd=repo_path,
                 capture_output=True,
                 text=True,
-                timeout=2,
+                timeout=Timeouts.GIT_CONFIG,
                 env={"GIT_TERMINAL_PROMPT": "0"},
             )
 
@@ -1164,9 +1192,12 @@ class GitDataFetcher:
                             f"3) Git credential manager instead."
                         )
                         break
-        except:
-            # Don't fail analysis due to security check
-            pass
+        except AttributeError as e:
+            # Repository might not have remotes attribute (e.g., in tests or unusual repo structures)
+            logger.debug(f"Could not check remote URLs for security scan: {e}")
+        except Exception as e:
+            # Don't fail analysis due to security check, but log unexpected errors
+            logger.warning(f"Error during credential security check: {e}")
 
     def get_repository_status_summary(self) -> dict[str, Any]:
         """Get a summary of repository fetch status.
@@ -1244,7 +1275,7 @@ class GitDataFetcher:
             logger.info(f"Fetching {len(tickets_to_fetch)} new tickets")
 
             # Fetch tickets in batches
-            batch_size = 50
+            batch_size = BatchSizes.TICKET_FETCH
             tickets_list = list(tickets_to_fetch)
 
             # Use centralized progress service
@@ -1787,7 +1818,12 @@ class GitDataFetcher:
             repo = commit.repo
             Path(repo.working_dir)
 
-            def get_diff_output():
+            def get_diff_output() -> str:
+                """Get diff output for commit using git numstat.
+
+                Returns:
+                    Git diff output string in numstat format
+                """
                 if parent:
                     return repo.git.diff(parent.hexsha, commit.hexsha, "--numstat")
                 else:
@@ -1798,7 +1834,7 @@ class GitDataFetcher:
             try:
                 diff_output = self.git_wrapper.run_with_timeout(
                     get_diff_output,
-                    timeout=10,  # 10 seconds for diff operations
+                    timeout=Timeouts.GIT_DIFF,
                     operation_name=f"diff_{commit.hexsha[:8]}",
                 )
             except GitOperationTimeout:
@@ -2003,7 +2039,7 @@ class GitDataFetcher:
                     elapsed_time = time.time() - repo_info["start_time"]
 
                     try:
-                        result = future.result(timeout=5)  # Short timeout to get result
+                        result = future.result(timeout=Timeouts.SUBPROCESS_DEFAULT)
 
                         if result:
                             self.processing_stats["success"] += 1
@@ -2167,7 +2203,7 @@ class GitDataFetcher:
         jira_integration: Optional[JIRAIntegration] = None,
         start_date: Optional[datetime] = None,
         end_date: Optional[datetime] = None,
-        timeout_per_operation: int = 30,
+        timeout_per_operation: int = Timeouts.DEFAULT_GIT_OPERATION,
     ) -> Optional[dict[str, Any]]:
         """Process a single repository with comprehensive timeout protection.
 

gitflow_analytics/core/git_timeout_wrapper.py

@@ -13,6 +13,8 @@ from contextlib import contextmanager
 from pathlib import Path
 from typing import Callable, Optional, TypeVar
 
+from ..constants import Timeouts
+
 logger = logging.getLogger(__name__)
 
 T = TypeVar("T")
@@ -27,7 +29,7 @@ class GitOperationTimeout(Exception):
 class GitTimeoutWrapper:
     """Wrapper for git operations with timeout protection."""
 
-    def __init__(self, default_timeout: int = 30):
+    def __init__(self, default_timeout: int = Timeouts.DEFAULT_GIT_OPERATION):
         """Initialize the git timeout wrapper.
 
         Args:
@@ -195,7 +197,7 @@ class GitTimeoutWrapper:
                     logger.error(f"   Error details: {e.stderr}")
                 raise
 
-    def fetch_with_timeout(self, repo_path: Path, timeout: int = 30) -> bool:
+    def fetch_with_timeout(self, repo_path: Path, timeout: int = Timeouts.GIT_FETCH) -> bool:
         """Fetch from remote with timeout protection.
 
         Args:
@@ -238,7 +240,7 @@ class GitTimeoutWrapper:
                 logger.warning(f"Git fetch failed for {repo_path.name}: {e}")
             return False
 
-    def pull_with_timeout(self, repo_path: Path, timeout: int = 30) -> bool:
+    def pull_with_timeout(self, repo_path: Path, timeout: int = Timeouts.GIT_PULL) -> bool:
         """Pull from remote with timeout protection.
 
         Args:
@@ -309,7 +311,7 @@ class HeartbeatLogger:
         """Stop the heartbeat logging thread."""
         self._stop_event.set()
         if self._thread:
-            self._thread.join(timeout=1)
+            self._thread.join(timeout=Timeouts.THREAD_JOIN)
 
     def _heartbeat_loop(self):
         """Main heartbeat loop that logs current operations."""

gitflow_analytics/core/progress.py

@@ -31,7 +31,7 @@ import sys
 import threading
 from contextlib import contextmanager
 from dataclasses import dataclass
-from typing import Any, Dict, Optional
+from typing import Any, Optional
 
 from tqdm import tqdm
 
@@ -39,8 +39,6 @@ from tqdm import tqdm
 try:
     from ..ui.progress_display import (
         RICH_AVAILABLE,
-        RepositoryInfo,
-        RepositoryStatus,
         create_progress_display,
     )
 
@@ -109,7 +107,7 @@ class ProgressService:
 
         # Rich display components
         self._rich_display = None
-        self._repository_contexts: Dict[str, Any] = {}
+        self._repository_contexts: dict[str, Any] = {}
         self._use_rich = False
 
         # Initialize display based on configuration

gitflow_analytics/core/subprocess_git.py

@@ -105,7 +105,14 @@ class SubprocessGit:
 
     @staticmethod
     def check_remotes_safe(repo_path: Path) -> bool:
-        """Check if repository has remotes without triggering authentication."""
+        """Check if repository has remotes without triggering authentication.
+
+        Args:
+            repo_path: Path to the git repository
+
+        Returns:
+            True if repository has remotes, False otherwise or on error
+        """
         cmd = ["git", "remote", "-v"]
 
         env = {
@@ -118,12 +125,26 @@ class SubprocessGit:
                 cmd, cwd=repo_path, capture_output=True, text=True, env=env, timeout=5
             )
             return bool(result.stdout.strip())
-        except:
+        except subprocess.TimeoutExpired:
+            logger.warning(f"Git remote check timed out for {repo_path}")
+            return False
+        except OSError as e:
+            logger.warning(f"Failed to check git remotes for {repo_path}: {e}")
+            return False
+        except Exception as e:
+            logger.error(f"Unexpected error checking git remotes for {repo_path}: {e}")
             return False
 
     @staticmethod
     def get_branches_safe(repo_path: Path) -> list[str]:
-        """Get list of branches without triggering authentication."""
+        """Get list of branches without triggering authentication.
+
+        Args:
+            repo_path: Path to the git repository
+
+        Returns:
+            List of branch names, defaults to common branch names if detection fails
+        """
         branches = []
 
         # Get local branches
@@ -135,11 +156,16 @@ class SubprocessGit:
             if result.returncode == 0:
                 branches = [b.strip() for b in result.stdout.split("\n") if b.strip()]
 
-        except:
-            pass
+        except subprocess.TimeoutExpired:
+            logger.warning(f"Git branch listing timed out for {repo_path}")
+        except OSError as e:
+            logger.warning(f"Failed to list git branches for {repo_path}: {e}")
+        except Exception as e:
+            logger.error(f"Unexpected error listing git branches for {repo_path}: {e}")
 
         # Default to common branch names if none found
         if not branches:
+            logger.info(f"No branches detected for {repo_path}, using default branch names")
             branches = ["main", "master", "develop"]
 
         return branches

gitflow_analytics/identity_llm/analysis_pass.py

@@ -150,23 +150,33 @@ class IdentityAnalysisPass:
         # Merge new mappings
         existing_emails = set()
         for mapping in existing_mappings:
-            existing_emails.add(mapping.get("canonical_email", "").lower())
+            # Support both canonical_email and primary_email for backward compatibility
+            email = mapping.get("canonical_email") or mapping.get("primary_email", "")
+            existing_emails.add(email.lower())
 
         for new_mapping in new_mappings:
-            canonical_email = new_mapping["canonical_email"].lower()
+            # New mappings use primary_email
+            canonical_email = new_mapping["primary_email"].lower()
             if canonical_email not in existing_emails:
                 existing_mappings.append(new_mapping)
                 logger.info(f"Added identity mapping for: {canonical_email}")
             else:
                 # Update existing mapping with new aliases
                 for existing in existing_mappings:
-                    if existing.get("canonical_email", "").lower() == canonical_email:
+                    existing_email = existing.get("canonical_email") or existing.get(
+                        "primary_email", ""
+                    )
+                    if existing_email.lower() == canonical_email:
                         existing_aliases = set(
                             alias.lower() for alias in existing.get("aliases", [])
                         )
                         new_aliases = set(alias.lower() for alias in new_mapping["aliases"])
                         combined_aliases = existing_aliases | new_aliases
                         existing["aliases"] = list(combined_aliases)
+                        # Update confidence and reasoning if new mapping has higher confidence
+                        if new_mapping.get("confidence", 0) > existing.get("confidence", 0):
+                            existing["confidence"] = new_mapping.get("confidence")
+                            existing["reasoning"] = new_mapping.get("reasoning")
                         if new_aliases - existing_aliases:
                             logger.info(f"Updated aliases for: {canonical_email}")
                         break

gitflow_analytics/identity_llm/analyzer.py

@@ -20,9 +20,15 @@ class LLMIdentityAnalyzer:
         self,
         api_key: Optional[str] = None,
         model: str = "openai/gpt-4o-mini",
-        confidence_threshold: float = 0.8,
+        confidence_threshold: float = 0.9,
     ):
-        """Initialize the LLM identity analyzer."""
+        """Initialize the LLM identity analyzer.
+
+        Args:
+            api_key: OpenRouter API key for LLM-based analysis
+            model: LLM model to use (default: openai/gpt-4o-mini)
+            confidence_threshold: Minimum confidence for identity matches (default: 0.9 = 90%)
+        """
         self.api_key = api_key
         self.model = model
         self.confidence_threshold = confidence_threshold
@@ -371,6 +377,12 @@ Respond with a JSON object:
 
             confidence = float(data.get("confidence", 0.8))
             if confidence < self.confidence_threshold:
+                # Log why this cluster was rejected
+                cluster_emails = [id.email for id in cluster_identities]
+                logger.info(
+                    f"Rejected identity cluster: {', '.join(cluster_emails)} "
+                    f"(confidence {confidence:.1%} < threshold {self.confidence_threshold:.1%})"
+                )
                 return None
 
             # Find canonical identity

gitflow_analytics/identity_llm/models.py

@@ -54,7 +54,10 @@ class IdentityAnalysisResult:
     analysis_metadata: dict[str, any] = field(default_factory=dict)
 
     def get_manual_mappings(self) -> list[dict[str, any]]:
-        """Convert to manual mappings format for config."""
+        """Convert to manual mappings format for config.
+
+        Returns mappings with confidence scores and reasoning for display.
+        """
         mappings = []
         for cluster in self.clusters:
             if len(cluster.aliases) > 0:
@@ -64,6 +67,9 @@ class IdentityAnalysisResult:
                     mapping["name"] = cluster.preferred_display_name
                 mapping["primary_email"] = cluster.canonical_email
                 mapping["aliases"] = [alias.email for alias in cluster.aliases]
+                # Include confidence and reasoning for user review
+                mapping["confidence"] = cluster.confidence
+                mapping["reasoning"] = cluster.reasoning[:100]  # Truncate for readability
                 mappings.append(mapping)
         return mappings
 

gitflow_analytics/qualitative/classifiers/llm/openai_client.py

@@ -330,13 +330,15 @@ class OpenAIClassifier(BaseLLMClassifier):
             )
         except requests.exceptions.Timeout as e:
             logger.error(f"API request timed out after {self.config.timeout_seconds}s: {e}")
-            raise Exception(f"API request timed out after {self.config.timeout_seconds} seconds")
+            raise Exception(
+                f"API request timed out after {self.config.timeout_seconds} seconds"
+            ) from e
         except requests.exceptions.ConnectionError as e:
             logger.error(f"Connection error during API request: {e}")
-            raise Exception(f"Connection error: Unable to reach API at {url}")
+            raise Exception(f"Connection error: Unable to reach API at {url}") from e
         except requests.exceptions.RequestException as e:
             logger.error(f"Request failed: {e}")
-            raise Exception(f"Request failed: {str(e)}")
+            raise Exception(f"Request failed: {str(e)}") from e
 
         # Check response
         if response.status_code != 200:

gitflow_analytics/security/config.py

@@ -1,7 +1,7 @@
 """Security configuration module."""
 
 from dataclasses import dataclass, field
-from typing import Dict, List, Optional
+from typing import Optional
 
 
 @dataclass
@@ -9,7 +9,7 @@ class SecretScanningConfig:
     """Configuration for secret detection."""
 
     enabled: bool = True
-    patterns: Dict[str, str] = field(
+    patterns: dict[str, str] = field(
         default_factory=lambda: {
             # AWS
             "aws_access_key": r"AKIA[0-9A-Z]{16}",
@@ -36,7 +36,7 @@ class SecretScanningConfig:
         }
     )
     entropy_threshold: float = 4.5
-    exclude_paths: List[str] = field(
+    exclude_paths: list[str] = field(
         default_factory=lambda: [
             "*.test.*",
             "*.spec.*",
@@ -58,7 +58,7 @@ class VulnerabilityScanningConfig:
 
     # Tool-specific configurations
     enable_semgrep: bool = True
-    semgrep_rules: List[str] = field(
+    semgrep_rules: list[str] = field(
         default_factory=lambda: [
             "auto",  # Use Semgrep's auto configuration
             "p/security-audit",
@@ -74,7 +74,7 @@ class VulnerabilityScanningConfig:
     enable_brakeman: bool = False  # Ruby on Rails
 
     # Custom patterns for quick checks
-    vulnerability_patterns: Dict[str, str] = field(
+    vulnerability_patterns: dict[str, str] = field(
         default_factory=lambda: {
             "sql_injection": r"(SELECT|DELETE|INSERT|UPDATE|DROP).*\+.*(?:request|params|input)",
             "command_injection": r"(exec|eval|system|popen|subprocess).*\+.*(?:request|params|input)",
@@ -160,7 +160,7 @@ class SecurityConfig:
     scan_timeout_seconds: int = 30
 
     @classmethod
-    def from_dict(cls, data: Dict) -> "SecurityConfig":
+    def from_dict(cls, data: dict) -> "SecurityConfig":
         """Create SecurityConfig from dictionary."""
         if not data:
             return cls()

gitflow_analytics/security/extractors/dependency_checker.py

@@ -4,7 +4,7 @@ import json
 import logging
 import re
 from pathlib import Path
-from typing import Any, Dict, List
+from typing import Any
 
 import toml
 
@@ -23,7 +23,7 @@ class DependencyChecker:
         self.config = config
         self.vulnerability_cache = {}
 
-    def check_files(self, files_changed: List[str], repo_path: Path) -> List[Dict]:
+    def check_files(self, files_changed: list[str], repo_path: Path) -> list[dict]:
         """Check dependency files for vulnerable packages.
 
         Args:
@@ -68,7 +68,7 @@ class DependencyChecker:
         file_name = Path(file_path).name
         return file_name in dependency_files
 
-    def _check_dependency_file(self, file_path: Path, relative_path: str) -> List[Dict]:
+    def _check_dependency_file(self, file_path: Path, relative_path: str) -> list[dict]:
         """Check a specific dependency file for vulnerabilities."""
         findings = []
         file_name = file_path.name
@@ -99,7 +99,7 @@ class DependencyChecker:
 
         return findings
 
-    def _parse_package_json(self, file_path: Path) -> Dict[str, str]:
+    def _parse_package_json(self, file_path: Path) -> dict[str, str]:
         """Parse package.json for dependencies."""
         dependencies = {}
 
@@ -120,7 +120,7 @@ class DependencyChecker:
 
         return dependencies
 
-    def _parse_requirements_txt(self, file_path: Path) -> Dict[str, str]:
+    def _parse_requirements_txt(self, file_path: Path) -> dict[str, str]:
         """Parse requirements.txt for Python packages."""
         dependencies = {}
 
@@ -143,7 +143,7 @@ class DependencyChecker:
 
         return dependencies
 
-    def _parse_pyproject_toml(self, file_path: Path) -> Dict[str, str]:
+    def _parse_pyproject_toml(self, file_path: Path) -> dict[str, str]:
         """Parse pyproject.toml for Python dependencies."""
         dependencies = {}
 
@@ -183,7 +183,7 @@ class DependencyChecker:
 
         return dependencies
 
-    def _parse_go_mod(self, file_path: Path) -> Dict[str, str]:
+    def _parse_go_mod(self, file_path: Path) -> dict[str, str]:
         """Parse go.mod for Go dependencies."""
         dependencies = {}
 
@@ -211,7 +211,7 @@ class DependencyChecker:
 
         return dependencies
 
-    def _parse_gemfile(self, file_path: Path) -> Dict[str, str]:
+    def _parse_gemfile(self, file_path: Path) -> dict[str, str]:
         """Parse Gemfile for Ruby dependencies."""
         dependencies = {}
 
@@ -232,7 +232,7 @@ class DependencyChecker:
 
         return dependencies
 
-    def _check_npm_dependencies(self, dependencies: Dict[str, str], file_path: str) -> List[Dict]:
+    def _check_npm_dependencies(self, dependencies: dict[str, str], file_path: str) -> list[dict]:
         """Check NPM packages for vulnerabilities using GitHub Advisory Database."""
         findings = []
 
@@ -259,8 +259,8 @@ class DependencyChecker:
         return findings
 
     def _check_python_dependencies(
-        self, dependencies: Dict[str, str], file_path: str
-    ) -> List[Dict]:
+        self, dependencies: dict[str, str], file_path: str
+    ) -> list[dict]:
         """Check Python packages for vulnerabilities."""
         findings = []
 
@@ -286,7 +286,7 @@ class DependencyChecker:
 
         return findings
 
-    def _check_go_dependencies(self, dependencies: Dict[str, str], file_path: str) -> List[Dict]:
+    def _check_go_dependencies(self, dependencies: dict[str, str], file_path: str) -> list[dict]:
         """Check Go modules for vulnerabilities."""
         findings = []
 
@@ -312,7 +312,7 @@ class DependencyChecker:
 
         return findings
 
-    def _check_ruby_dependencies(self, dependencies: Dict[str, str], file_path: str) -> List[Dict]:
+    def _check_ruby_dependencies(self, dependencies: dict[str, str], file_path: str) -> list[dict]:
         """Check Ruby gems for vulnerabilities."""
         findings = []
 
@@ -338,7 +338,7 @@ class DependencyChecker:
 
     def _query_vulnerability_db(
         self, ecosystem: str, package: str, package_version: str
-    ) -> List[Dict]:
+    ) -> list[dict]:
         """Query vulnerability database for package vulnerabilities.
 
         This is a simplified implementation. In production, you would: