strict-module 0.5.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (71) hide show
  1. strict_module-0.5.0/.github/workflows/ci.yml +25 -0
  2. strict_module-0.5.0/.github/workflows/no-ai-attribution.yml +73 -0
  3. strict_module-0.5.0/.github/workflows/publish.yml +35 -0
  4. strict_module-0.5.0/.github/workflows/ruff.yml +29 -0
  5. strict_module-0.5.0/.github/workflows/strict-module.yml +30 -0
  6. strict_module-0.5.0/.gitignore +44 -0
  7. strict_module-0.5.0/CHANGELOG.md +160 -0
  8. strict_module-0.5.0/CODE_OF_CONDUCT.md +34 -0
  9. strict_module-0.5.0/CONTRIBUTING.md +30 -0
  10. strict_module-0.5.0/LICENSE +201 -0
  11. strict_module-0.5.0/PKG-INFO +740 -0
  12. strict_module-0.5.0/README.md +710 -0
  13. strict_module-0.5.0/SECURITY.md +18 -0
  14. strict_module-0.5.0/VERIFICATION.txt +96 -0
  15. strict_module-0.5.0/example/dto-strict-workflow.yml +20 -0
  16. strict_module-0.5.0/pyproject.toml +81 -0
  17. strict_module-0.5.0/strict_module/__init__.py +7 -0
  18. strict_module-0.5.0/strict_module/checkers.py +806 -0
  19. strict_module-0.5.0/strict_module/cli.py +152 -0
  20. strict_module-0.5.0/strict_module/config/__init__.py +6 -0
  21. strict_module-0.5.0/strict_module/config/_config.py +97 -0
  22. strict_module-0.5.0/strict_module/config/_version.py +3 -0
  23. strict_module-0.5.0/strict_module/linter.py +212 -0
  24. strict_module-0.5.0/strict_module/loc_cap.py +228 -0
  25. strict_module-0.5.0/strict_module/py.typed +0 -0
  26. strict_module-0.5.0/strict_module/rules.py +362 -0
  27. strict_module-0.5.0/tests/fixtures/bad/r001_bad_param.py +13 -0
  28. strict_module-0.5.0/tests/fixtures/bad/r001_bad_return.py +13 -0
  29. strict_module-0.5.0/tests/fixtures/bad/r002_bad_inline.py +22 -0
  30. strict_module-0.5.0/tests/fixtures/bad/r002_bad_non_serializer.py +32 -0
  31. strict_module-0.5.0/tests/fixtures/bad/r003_bad_dataclass.py +26 -0
  32. strict_module-0.5.0/tests/fixtures/bad/r004_bad_facade.py +16 -0
  33. strict_module-0.5.0/tests/fixtures/bad/r005_bad_validator.py +18 -0
  34. strict_module-0.5.0/tests/fixtures/bad/test_r007_bad_fixtures.py +14 -0
  35. strict_module-0.5.0/tests/fixtures/bad/test_r008_bad_bare_test_functions.py +17 -0
  36. strict_module-0.5.0/tests/fixtures/good/r001_good_basic.py +29 -0
  37. strict_module-0.5.0/tests/fixtures/good/r002_good_dict.py +27 -0
  38. strict_module-0.5.0/tests/fixtures/good/r002_good_serializer.py +37 -0
  39. strict_module-0.5.0/tests/fixtures/good/r002_multiple_dataclass_serializers.py +54 -0
  40. strict_module-0.5.0/tests/fixtures/good/r003_good_dataclass.py +20 -0
  41. strict_module-0.5.0/tests/fixtures/good/r004_good_facade.py +19 -0
  42. strict_module-0.5.0/tests/fixtures/good/r005_good_validator.py +36 -0
  43. strict_module-0.5.0/tests/fixtures/good/test_r008_good_test_class.py +22 -0
  44. strict_module-0.5.0/tests/test_baseline_ratchet.py +154 -0
  45. strict_module-0.5.0/tests/test_cli.py +94 -0
  46. strict_module-0.5.0/tests/test_compat_fallback.py +98 -0
  47. strict_module-0.5.0/tests/test_config_loading.py +46 -0
  48. strict_module-0.5.0/tests/test_github_format.py +68 -0
  49. strict_module-0.5.0/tests/test_loc_cap.py +289 -0
  50. strict_module-0.5.0/tests/test_loc_cap_test_exemption.py +77 -0
  51. strict_module-0.5.0/tests/test_noqa.py +132 -0
  52. strict_module-0.5.0/tests/test_noqa_r002.py +253 -0
  53. strict_module-0.5.0/tests/test_r001_dict_str_any.py +46 -0
  54. strict_module-0.5.0/tests/test_r001_strict_collections.py +108 -0
  55. strict_module-0.5.0/tests/test_r002_annotated_constants.py +158 -0
  56. strict_module-0.5.0/tests/test_r002_configurable_threshold.py +133 -0
  57. strict_module-0.5.0/tests/test_r002_inline_dict.py +37 -0
  58. strict_module-0.5.0/tests/test_r002_justification.py +98 -0
  59. strict_module-0.5.0/tests/test_r002_multiple_dataclass_regression.py +65 -0
  60. strict_module-0.5.0/tests/test_r002_serializer_exemption.py +50 -0
  61. strict_module-0.5.0/tests/test_r003_canonical.py +94 -0
  62. strict_module-0.5.0/tests/test_r003_dataclass_trio.py +38 -0
  63. strict_module-0.5.0/tests/test_r003_strict_relaxed.py +173 -0
  64. strict_module-0.5.0/tests/test_r004_auto_detect.py +134 -0
  65. strict_module-0.5.0/tests/test_r004_module_facade.py +38 -0
  66. strict_module-0.5.0/tests/test_r005_validator_pattern.py +37 -0
  67. strict_module-0.5.0/tests/test_r006_any.py +107 -0
  68. strict_module-0.5.0/tests/test_r007_fixtures.py +56 -0
  69. strict_module-0.5.0/tests/test_r008_test_functions.py +42 -0
  70. strict_module-0.5.0/tests/test_service_test_exemption.py +113 -0
  71. strict_module-0.5.0/uv.lock +295 -0
@@ -0,0 +1,25 @@
1
+ name: CI
2
+
3
+ on:
4
+ pull_request:
5
+ push:
6
+ branches: [main]
7
+
8
+ jobs:
9
+ test:
10
+ runs-on: ubuntu-latest
11
+ strategy:
12
+ matrix:
13
+ python-version: ["3.11", "3.12"]
14
+ steps:
15
+ - uses: actions/checkout@v4
16
+ - uses: actions/setup-python@v5
17
+ with:
18
+ python-version: ${{ matrix.python-version }}
19
+ - name: Install
20
+ run: pip install -e .[dev]
21
+ - name: Test
22
+ run: pytest tests/ -v
23
+ - name: Dogfood lint
24
+ run: strict-module strict_module/ --format github
25
+ continue-on-error: true
@@ -0,0 +1,73 @@
1
+ name: Attribution Gate
2
+
3
+ # Server-side enforcement: rejects pushes/PRs whose commit messages contain
4
+ # Claude/Anthropic attribution. Catches GitHub squash-merge propagation that
5
+ # bypasses local commit-msg, pre-push, and PreToolUse hooks.
6
+ #
7
+ # Per-repo copy of the canonical attribution gate.
8
+
9
+ on:
10
+ push:
11
+ pull_request:
12
+
13
+ permissions:
14
+ contents: read
15
+ pull-requests: read
16
+
17
+ jobs:
18
+ scan:
19
+ name: Scan commit messages for attribution
20
+ runs-on: ubuntu-latest
21
+ steps:
22
+ - name: Checkout (full history)
23
+ uses: actions/checkout@v4
24
+ with:
25
+ fetch-depth: 0
26
+
27
+ - name: Determine commit range
28
+ id: range
29
+ env:
30
+ EVENT_NAME: ${{ github.event_name }}
31
+ PR_BASE: ${{ github.event.pull_request.base.sha }}
32
+ PR_HEAD: ${{ github.event.pull_request.head.sha }}
33
+ PUSH_BEFORE: ${{ github.event.before }}
34
+ PUSH_AFTER: ${{ github.event.after }}
35
+ run: |
36
+ set -euo pipefail
37
+ if [ "$EVENT_NAME" = "pull_request" ]; then
38
+ BASE="$PR_BASE"
39
+ HEAD="$PR_HEAD"
40
+ else
41
+ BASE="$PUSH_BEFORE"
42
+ HEAD="$PUSH_AFTER"
43
+ if [ "$BASE" = "0000000000000000000000000000000000000000" ] || [ -z "$BASE" ]; then
44
+ git fetch origin main:refs/remotes/origin/main 2>/dev/null || true
45
+ BASE=$(git merge-base origin/main "$HEAD" 2>/dev/null || git rev-list --max-parents=0 "$HEAD" | tail -1)
46
+ fi
47
+ fi
48
+ echo "base=$BASE" >> "$GITHUB_OUTPUT"
49
+ echo "head=$HEAD" >> "$GITHUB_OUTPUT"
50
+
51
+ - name: Scan for Claude/Anthropic attribution
52
+ env:
53
+ BASE: ${{ steps.range.outputs.base }}
54
+ HEAD: ${{ steps.range.outputs.head }}
55
+ PATTERN: 'co-authored-by.*(claude|anthropic)|generated with claude|@claude|noreply@anthropic|🤖'
56
+ run: |
57
+ set -uo pipefail
58
+ OFFENDING=""
59
+ for sha in $(git rev-list "$BASE..$HEAD"); do
60
+ MSG=$(git log -1 --pretty=format:"%B" "$sha")
61
+ if echo "$MSG" | grep -qiE "$PATTERN"; then
62
+ AUTHOR=$(git log -1 --pretty=format:"%an" "$sha")
63
+ SUBJECT=$(git log -1 --pretty=format:"%s" "$sha")
64
+ OFFENDING="${OFFENDING} ${sha:0:8} | author=${AUTHOR} | ${SUBJECT}"$'\n'
65
+ fi
66
+ done
67
+ if [ -n "$OFFENDING" ]; then
68
+ echo "::error::Claude/Anthropic attribution detected in commit messages"
69
+ echo "Offending commits in range $BASE..$HEAD:"
70
+ printf '%s' "$OFFENDING"
71
+ exit 1
72
+ fi
73
+ echo "OK: no attribution detected in $BASE..$HEAD"
@@ -0,0 +1,35 @@
1
+ name: Publish to PyPI
2
+
3
+ on:
4
+ release:
5
+ types: [published]
6
+
7
+ jobs:
8
+ publish:
9
+ name: Build + publish
10
+ runs-on: ubuntu-latest
11
+ environment: pypi # second-layer GitHub deployment-environment gate
12
+ permissions:
13
+ id-token: write # OIDC trusted publisher
14
+ contents: read
15
+
16
+ steps:
17
+ - name: Checkout
18
+ uses: actions/checkout@v4
19
+
20
+ - name: Set up Python
21
+ uses: actions/setup-python@v5
22
+ with:
23
+ python-version: '3.12'
24
+
25
+ - name: Install build deps
26
+ run: python -m pip install --upgrade build
27
+
28
+ - name: Build sdist + wheel
29
+ run: python -m build
30
+
31
+ - name: Verify artifacts
32
+ run: python -m pip install --upgrade twine && python -m twine check dist/*
33
+
34
+ - name: Publish to PyPI
35
+ uses: pypa/gh-action-pypi-publish@release/v1
@@ -0,0 +1,29 @@
1
+ name: Ruff
2
+
3
+ # Ruff lint + format check. Pinned to 0.15.14 to match local version.
4
+ # Format drift was previously undetected; this gate prevents future drift.
5
+
6
+ on:
7
+ pull_request:
8
+ push:
9
+ branches: [main]
10
+
11
+ concurrency:
12
+ group: ${{ github.workflow }}-${{ github.ref }}
13
+ cancel-in-progress: true
14
+
15
+ permissions:
16
+ contents: read
17
+
18
+ jobs:
19
+ ruff:
20
+ runs-on: ubuntu-latest
21
+ steps:
22
+ - uses: actions/checkout@v4
23
+ - uses: astral-sh/setup-uv@v4
24
+ with:
25
+ enable-cache: true
26
+ - name: Ruff lint
27
+ run: uvx ruff@0.15.14 check strict_module/
28
+ - name: Ruff format check
29
+ run: uvx ruff@0.15.14 format --check strict_module/
@@ -0,0 +1,30 @@
1
+ name: strict-module
2
+
3
+ # DTO-discipline lint (frozen+slots, facade-ban, R001-R006). Per-repo copy of
4
+ # the canonical gate; runs on the strict-module package itself (self-lint).
5
+ # Lint step: source directory only.
6
+
7
+ on:
8
+ pull_request:
9
+ push:
10
+ branches: [main]
11
+
12
+ concurrency:
13
+ group: ${{ github.workflow }}-${{ github.ref }}
14
+ cancel-in-progress: true
15
+
16
+ permissions:
17
+ contents: read
18
+
19
+ jobs:
20
+ lint:
21
+ runs-on: ubuntu-latest
22
+ steps:
23
+ - uses: actions/checkout@v4
24
+ - uses: astral-sh/setup-uv@v4
25
+ with:
26
+ enable-cache: true
27
+ - name: Install Python 3.12
28
+ run: uv python install 3.12
29
+ - name: Run strict-module
30
+ run: uv run --python 3.12 python -m strict_module.cli strict_module/ --format github
@@ -0,0 +1,44 @@
1
+ __pycache__/
2
+ *.py[cod]
3
+ *$py.class
4
+ *.so
5
+ .Python
6
+ build/
7
+ develop-eggs/
8
+ dist/
9
+ downloads/
10
+ eggs/
11
+ .eggs/
12
+ lib/
13
+ lib64/
14
+ parts/
15
+ sdist/
16
+ var/
17
+ wheels/
18
+ pip-wheel-metadata/
19
+ share/python-wheels/
20
+ *.egg-info/
21
+ .installed.cfg
22
+ *.egg
23
+ MANIFEST
24
+ .pytest_cache/
25
+ .coverage
26
+ .coverage.*
27
+ .cache
28
+ nosetests.xml
29
+ coverage.xml
30
+ *.cover
31
+ *.py,cover
32
+ .hypothesis/
33
+ .venv
34
+ env/
35
+ venv/
36
+ ENV/
37
+ env.bak/
38
+ venv.bak/
39
+ .idea/
40
+ .vscode/
41
+ *.swp
42
+ *.swo
43
+ *~
44
+ .DS_Store
@@ -0,0 +1,160 @@
1
+ # Changelog
2
+
3
+ All notable changes to this project will be documented in this file.
4
+
5
+ ## [Unreleased]
6
+
7
+ ### Added
8
+
9
+ ### Changed
10
+
11
+ ### Fixed
12
+
13
+ ## [0.5.0] - 2026-07-06
14
+
15
+ ### Changed
16
+
17
+ - **Package renamed from `dto-strict` to `strict-module`** - Renamed to follow category-first naming conventions (strict- prefix). GitHub repository renamed to `github.com/jekhator/strict-module`. PyPI package name updated to `strict-module`.
18
+ - **Flattened package layout** - Source code moved from `src/dto_strict/` to `strict_module/` at repository root, adopting the suite's standard flat-namespace layout.
19
+ - **Version single-sourced in `strict_module/config/_version.py`** - Eliminates version drift between package metadata and source. Hatch now dynamically reads version from this file.
20
+
21
+ ### Added
22
+
23
+ - **Backward-compatible config fallbacks** - Configuration loading now checks `[tool.strict-module]` first, then falls back to `[tool.dto-strict]` for compatibility with existing codebases. Both are supported; new code should use `[tool.strict-module]`.
24
+ - **Backward-compatible baseline fallbacks** - Baseline file loading checks `.strict-module-baseline.json` first, then falls back to `.dto-strict-baseline.json`.
25
+ - **Entry point alias** - The `dto-strict` CLI command remains available as a backward-compatibility alias, pointing to the same implementation as the new `strict-module` command.
26
+ - **Comprehensive compatibility tests** - New test suite (`test_compat_fallback.py`) covers config and baseline file fallback scenarios.
27
+
28
+ ### Deprecated
29
+
30
+ - `[tool.dto-strict]` configuration section - use `[tool.strict-module]` instead. Old section still works but will be removed in v1.0.
31
+ - `dto-strict` CLI command name - use `strict-module` instead. Old name still works but will be removed in v1.0.
32
+ - `.dto-strict-baseline.json` filename - use `.strict-module-baseline.json` instead. Old filename still works but will be removed in v1.0.
33
+
34
+ ## [0.4.1] - 2026-06-11
35
+
36
+ ### Fixed
37
+
38
+ - **R002 no longer false-positives on dict literals returned from to_* serializer methods** - Dict literals returned from methods whose name starts with `to_` in a `@dataclass`-decorated class are now correctly exempted. The returned dict is the dataclass's serialized output, not an unconverted business shape. Non-dataclass classes and non-`to_*` methods remain flagged as before. Example: `class UserDTO` with `def to_dict(self) -> dict: return {"id": self.id, "name": self.name, "email": self.email}` now passes (no R002 violation).
39
+
40
+ - **`dto-strict loc-cap` now exempts test files from the line-of-code cap** - Test files are automatically excluded from LOC enforcement, mirroring the v0.4.0 lint exemption set. A file is a test file if its basename is `conftest.py`, matches `test_*.py`, or is under a `tests/` directory. This prevents test fixtures and test helpers from inflating LOC metrics. Baseline files remain unaffected; improvements in test files are still reflected in ratchet calculations.
41
+
42
+ ### Changed
43
+
44
+ - `is_test_file()` utility now checks for `/tests/` directory path segments in addition to basename patterns. This enables `loc-cap` to properly exempt test files found anywhere under a `tests/` directory structure.
45
+
46
+ ## [0.4.0] - 2026-06-07
47
+
48
+ ### Added
49
+
50
+ - **Test file exemption from DTO rules (R001, R004, R006)** - Service-layer rules (R001, R004, R006) now automatically exempt test files from linting. A file is considered a test file if its basename is `conftest.py`, matches `test_*.py`, or contains a `/tests/` path segment. This prevents false positives in test fixtures and test helpers that may use `Dict[str, Any]`, module-level functions, or `typing.Any` for legitimate testing purposes.
51
+
52
+ - **R007 - Pytest fixtures must be in conftest.py** - New rule that flags `@pytest.fixture` decorators defined in test files other than `conftest.py`. Fixtures are test infrastructure and belong in the module-level fixtures file (conftest.py), not scattered across test modules. Rule applies only to test files (basename `conftest.py`, `test_*.py`, or under `/tests/`).
53
+
54
+ - **R008 - Bare module-level test functions** - New rule that flags test functions (matching `def test_*`) defined at module level in test files. Test functions must be organized into `Test<Concern>` classes for clarity and pytest discovery. Rule applies only to test files.
55
+
56
+ ### Changed
57
+
58
+ - `is_service_path()` and `is_dto_path()` now check `is_test_file()` before pattern matching, ensuring test files never match service or DTO paths regardless of naming.
59
+
60
+ ### Improved
61
+
62
+ - Configuration section for pytest discipline rules now documented in README (new "Pytest Discipline" section).
63
+
64
+ ## [0.3.0] - 2026-06-04
65
+
66
+ ### Added
67
+
68
+ - **`dto-strict loc-cap` subcommand - per-file LOC-cap ratchet enforcer** - New CLI subcommand for enforcing line-of-code limits on Python files with configurable hard/soft caps and baseline-driven ratcheting. Ported from the per-repo `check_loc_cap.py` pattern into dto-strict's unified command surface.
69
+ - **Hard cap** (default: 694 LOC) - fails the check if any file exceeds this limit (NEW offenders fail immediately; baselined files that grew also fail).
70
+ - **Soft target** (default: 500 LOC) - warnings for files exceeding soft target but under hard cap (suggest decomposition).
71
+ - **Ratchet baseline** (via `--baseline .loc-cap-baseline.txt` or config `[tool.dto-strict.loc-cap].baseline_file`) - baselined files cannot exceed their recorded LOC; improvements are allowed.
72
+ - **Generate baseline** (via `--generate-baseline`) - outputs baseline in `path:loc` format (sorted by LOC descending) for capture into version control.
73
+ - CLI flags: `--hard-cap`, `--soft-target`, `--baseline`, `--generate-baseline`, `--config` (pyproject.toml path).
74
+ - Pyproject config section: `[tool.dto-strict.loc-cap]` with keys `hard_cap`, `soft_target`, `baseline_file` (CLI flags take precedence).
75
+ - Exclusion patterns: `migrations`, `management/commands` (hardcoded, Django-scoped).
76
+ - Exit code: 0 for pass (soft warnings allowed), 1 for hard violations.
77
+
78
+ ### Changed
79
+
80
+ - **CLI now dispatches on subcommand**: `sys.argv[1] == "loc-cap"` routes to `handle_loc_cap()` before standard argparse. Bare `dto-strict <path>` DTO-discipline lint is unchanged (backcompat preserved).
81
+ - **Added tomli backport dependency** for Python 3.10 (tomllib native in 3.11+), enabling pyproject.toml parsing for loc-cap config in both Python versions.
82
+
83
+ ### Improved
84
+
85
+ - Configuration now loads `[tool.dto-strict.loc-cap]` section from pyproject.toml alongside existing `[tool.dto-strict]` linter options.
86
+ ## [0.2.2] - 2026-05-22
87
+
88
+ ### Fixed
89
+
90
+ - **R002 no longer false-positives on annotated module-level / class-level constants** - Typed static data declarations like `DISPLAY_LABELS: dict[str, str] = {...}` are now correctly skipped. The explicit type annotation signals intent ("this is typed static data") distinct from R002's actual target ("inline dict literal as business shape in service code"). Now R002 skips:
91
+ - `ast.AnnAssign` at module scope (module-level typed constants)
92
+ - `ast.AnnAssign` inside class body (class-level typed constants)
93
+
94
+ Still flags:
95
+ - `ast.Assign` without annotation at module scope (ambiguous intent)
96
+ - Inline dict literals inside function bodies (original intent)
97
+ Regression tests added in `tests/test_r002_annotated_constants.py`.
98
+
99
+ - **Noqa suppression now correctly handles em-dashes and multi-line dicts** - v0.2.1's `has_noqa_comment` was broken for explanations using em-dashes (-) instead of hyphens (-). The function only stripped trailing hyphens (`-`), causing specs like `"dto-strict-R002 - explanation"` to remain unmatched. Now handles all dash variants: `-`, `–`, `-`. Additionally clarified that multi-line dict noqa comments must be on the opening brace line (ast node's `lineno`). Test suite `tests/test_noqa_r002.py` covers 7 scenarios: trailing-hyphen, trailing-emdash, opening-brace, no-noqa, wrong-rule, bare-noqa, and before-line (should NOT suppress).
100
+
101
+
102
+ ## [0.2.1] - 2026-05-21
103
+
104
+ ### Fixed
105
+
106
+ - **`has_noqa_comment` is now implemented** - Previously a stub returning False, suppression via `# noqa: dto-strict-RXXX` comments was silently broken. Now properly parses and recognizes:
107
+ - `# noqa` (suppresses all rules)
108
+ - `# noqa: dto-strict` (suppresses all dto-strict rules)
109
+ - `# noqa: dto-strict-R001` (suppresses specific rule)
110
+ - `# noqa: dto-strict-R001, dto-strict-R002` (suppresses multiple rules)
111
+ All checkers now honor suppression comments.
112
+
113
+ ### Documentation
114
+
115
+ - **Clarified R003 canonical-pivot wording** - Description now explicitly states "Flag `repr=False` in dataclasses (v0.2 canonical: plain `@dataclass(frozen=True, slots=True)` without `repr=False`)", making the v0.2 shift from v0.1 explicit.
116
+ - **Added "PHI / Sensitive Data Handling (Pattern 1)" section** - Explains the intentional move from blanket `repr=False` to explicit `__repr__` overrides on sensitive DTOs. Includes healthcare/HIPAA context and example code for masking PII fields.
117
+ - **Added "Suppressing Violations" section** - Documents the now-functional `# noqa: dto-strict-RXXX` syntax with practical examples.
118
+ - **Mentioned healthcare/HIPAA use case in "Why dto-strict?"** - Added context on why DTO discipline is critical in regulated healthcare systems managing patient records and compliance documents.
119
+
120
+ ## [0.2.0] - 2026-05-13
121
+
122
+ ### Added
123
+
124
+ - **Issue #1 - R004 auto-detect class-method-wrapping pattern**: R004 now auto-detects when module-level functions delegate to class methods, reducing false positives. Functions that exclusively wrap class methods (e.g., `return _service.method(...)` or `return ClassName.method(...)`) no longer require exception tags. Exception tags still work as override.
125
+
126
+ - **Issue #2 - R002 configurable min_dict_keys threshold**: R002 now supports a configurable `min_dict_keys` setting (default: 3). This allows teams to enforce stricter or looser inline dict literal thresholds. Configure in `pyproject.toml`:
127
+ ```toml
128
+ [tool.dto-strict]
129
+ min_dict_keys = 2 # Flag dicts with 2+ keys instead of 3+
130
+ ```
131
+
132
+ - **Issue #3 - R003 strict/relaxed modes for frozen+slots+repr=False trio**: R003 now supports `r003_strict_repr` mode (default: true in canonical mode).
133
+ - **Strict mode** (default): `repr=False` is flagged as anti-canonical. Canonical pattern is `@dataclass(frozen=True, slots=True)` WITHOUT `repr=False`.
134
+ - **Relaxed mode**: Only checks for `frozen=True, slots=True`; ignores `repr=False` (useful for gradual migrations). Configure:
135
+ ```toml
136
+ [tool.dto-strict]
137
+ r003_strict_repr = false # Enable relaxed mode
138
+ ```
139
+
140
+ - **Issue #4 - Baseline ratchet-from-baseline mode**: New `--generate-baseline` and `--baseline` CLI flags enable "technical debt ratcheting":
141
+ - `dto-strict apps/ --generate-baseline > .dto-strict-baseline.json` - Capture current violations as accepted debt.
142
+ - `dto-strict apps/ --baseline .dto-strict-baseline.json` - Subsequent runs accept baseline violations; new violations trigger failure (exit 1).
143
+ - Baseline entries are hashed by file + line + rule_id for stability against message wording changes.
144
+
145
+ ### Changed
146
+
147
+ - R003 canonical mode now defaults to `r003_strict_repr=true`, treating `repr=False` as anti-canonical and flagging it for removal.
148
+ - CLI argument `path` now optional when using `--generate-baseline` (path is required for normal linting).
149
+
150
+ ### Improved
151
+
152
+ - Configuration loading now supports `min_dict_keys` and `r003_strict_repr` options in `[tool.dto-strict]` section of `pyproject.toml`.
153
+
154
+ ### Bug Fixes
155
+
156
+ - None in v0.2.0.
157
+
158
+ ## [0.1.0] - Earlier Versions
159
+
160
+ See git history for prior releases.
@@ -0,0 +1,34 @@
1
+ # Code of Conduct
2
+
3
+ ## Our Commitment
4
+
5
+ We are committed to providing a welcoming and inclusive environment for all contributors. We pledge to make participation in this community a harassment-free experience regardless of age, body size, disability, ethnicity, gender identity, experience level, nationality, personal appearance, race, religion, sexual identity, or sexual orientation.
6
+
7
+ ## Our Standards
8
+
9
+ Examples of behavior that contribute to creating a positive environment include:
10
+
11
+ - Using welcoming and inclusive language
12
+ - Being respectful of differing opinions, viewpoints, and experiences
13
+ - Gracefully accepting constructive criticism
14
+ - Focusing on what is best for the community
15
+ - Showing empathy towards other community members
16
+
17
+ Examples of unacceptable behavior include:
18
+
19
+ - Harassment or discrimination of any kind
20
+ - Offensive comments related to protected characteristics
21
+ - Trolling, insulting comments, or personal attacks
22
+ - Public or private harassment
23
+ - Publishing others' private information without consent
24
+ - Other conduct which could reasonably be considered inappropriate in a professional setting
25
+
26
+ ## Enforcement
27
+
28
+ Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the maintainers. All complaints will be reviewed and investigated.
29
+
30
+ The project maintainers are obligated to maintain confidentiality with regard to the reporter of an incident.
31
+
32
+ ## Attribution
33
+
34
+ This Code of Conduct is adapted from the Contributor Covenant, available at [https://www.contributor-covenant.org](https://www.contributor-covenant.org).
@@ -0,0 +1,30 @@
1
+ # Contributing
2
+
3
+ Issues and pull requests welcome. Please include fixtures (good and bad examples) for new rules.
4
+
5
+ When submitting a fix or feature:
6
+
7
+ 1. Ensure all tests pass: `python3.12 -m pytest tests/ -q`
8
+ 2. Format code: `ruff format src/ tests/`
9
+ 3. Lint code: `ruff check src/ tests/` and `dto-strict src/`
10
+ 4. Update CHANGELOG.md with your changes under an [Unreleased] section
11
+
12
+ ## Development Setup
13
+
14
+ ```bash
15
+ git clone https://github.com/jekhator/dto-strict.git
16
+ cd dto-strict
17
+ python3.12 -m venv .venv
18
+ source .venv/bin/activate
19
+ pip install -e ".[dev]"
20
+ ```
21
+
22
+ ## Running Tests
23
+
24
+ ```bash
25
+ python3.12 -m pytest tests/ -v
26
+ ```
27
+
28
+ ## License
29
+
30
+ All contributions are licensed under the Apache License 2.0. See LICENSE for details.
@@ -0,0 +1,201 @@
1
+ Apache License
2
+ Version 2.0, January 2004
3
+ http://www.apache.org/licenses/
4
+
5
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6
+
7
+ 1. Definitions.
8
+
9
+ "License" shall mean the terms and conditions for use, reproduction,
10
+ and distribution as defined by Sections 1 through 9 of this document.
11
+
12
+ "Licensor" shall mean the copyright owner or entity authorized by
13
+ the copyright owner that is granting the License.
14
+
15
+ "Legal Entity" shall mean the union of the acting entity and all
16
+ other entities that control, are controlled by, or are under common
17
+ control with that entity. For the purposes of this definition,
18
+ "control" means (i) the power, direct or indirect, to cause the
19
+ direction or management of such entity, whether by contract or
20
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
21
+ outstanding shares, or (iii) beneficial ownership of such entity.
22
+
23
+ "You" (or "Your") shall mean an individual or Legal Entity
24
+ exercising permissions granted by this License.
25
+
26
+ "Source" form shall mean the preferred form for making modifications,
27
+ including but not limited to software source code, documentation
28
+ source, and configuration files.
29
+
30
+ "Object" form shall mean any form resulting from mechanical
31
+ transformation of a Source form, including but not limited to
32
+ compiled object code, generated documentation, conversions to other
33
+ media types.
34
+
35
+ "Work" shall mean the work of authorship, whether in Source or
36
+ Object form, made available under the License, as indicated by a
37
+ copyright notice that is included in or attached to the work
38
+ (an example is provided in the Appendix below).
39
+
40
+ "Derivative Works" shall mean any work, whether in Source or Object
41
+ form, that is based on (or derived from) the Work for which the
42
+ editorial revisions, annotations, elaborations, or other modifications
43
+ represent, as a whole, an original work of authorship. For the purposes
44
+ of this License, Derivative Works shall not include works that remain
45
+ separable from, or merely link (or bind by name) to the interfaces of,
46
+ the Work and Derivative Works thereof.
47
+
48
+ "Contribution" shall mean any work of authorship, including
49
+ the original version of the Work and any modifications or additions
50
+ to that Work or Derivative Works thereof, that is intentionally
51
+ submitted to Licensor for inclusion in the Work by the copyright owner
52
+ or by an individual or Legal Entity authorized to submit on behalf of
53
+ the copyright owner. For the purposes of this definition, "submitted"
54
+ means any form of electronic, verbal, or written communication sent
55
+ to the Licensor or its representatives, including but not limited to
56
+ communication on electronic mailing lists, source code control systems,
57
+ and issue tracking systems that are managed by, or on behalf of, the
58
+ Licensor for the purpose of discussing and improving the Work, but
59
+ excluding communication that is conspicuously marked or otherwise
60
+ designated in writing by the copyright owner as "Not a Contribution."
61
+
62
+ "Contributor" shall mean Licensor and any individual or Legal Entity
63
+ on behalf of whom a Contribution has been received by Licensor and
64
+ subsequently incorporated within the Work.
65
+
66
+ 2. Grant of Copyright License. Subject to the terms and conditions of
67
+ this License, each Contributor grants to You a perpetual,
68
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69
+ copyright license to reproduce, prepare Derivative Works of,
70
+ publicly display, publicly perform, sublicense, and distribute the
71
+ Work and its Derivative Works in Source or Object form.
72
+
73
+ 3. Grant of Patent License. Subject to the terms and conditions of
74
+ this License, each Contributor grants to You a perpetual,
75
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76
+ (except as stated in this section) patent license to make, have made,
77
+ use, offer to sell, sell, import, and otherwise transfer the Work,
78
+ where such license applies only to those patent claims licensable
79
+ by such Contributor that are necessarily infringed by their
80
+ Contribution(s) alone or by combination of their Contribution(s)
81
+ with the Work to which such Contribution(s) was submitted. If You
82
+ institute patent litigation against any entity (including a
83
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
84
+ or a Contribution incorporated within the Work constitutes direct
85
+ or contributory patent infringement, then any patent licenses
86
+ granted to You under this License for that Work shall terminate
87
+ as of the date such litigation is filed.
88
+
89
+ 4. Redistribution. You may reproduce and distribute copies of the
90
+ Work or Derivative Works thereof in any medium, with or without
91
+ modifications, and in Source or Object form, provided that You
92
+ meet the following conditions:
93
+
94
+ (a) You must give to any other recipients of the Work or
95
+ Derivative Works a copy of this License; and
96
+
97
+ (b) You must cause any modified files to carry prominent notices
98
+ stating that You changed the files; and
99
+
100
+ (c) You must retain, in the Source form of any Derivative Works
101
+ that You distribute, all copyright, trademark, and
102
+ attribution notices from the Source form of the Work,
103
+ excluding those notices that do not pertain to any part of
104
+ the Derivative Works; and
105
+
106
+ (d) If the Work includes a "NOTICE" text file as part of its
107
+ distribution, then any Derivative Works that You distribute must
108
+ include a readable copy of the attribution notices contained
109
+ within such NOTICE file, excluding those notices that do not
110
+ pertain to any part of the Derivative Works, in at least one
111
+ of the following places: within a NOTICE text file distributed
112
+ as part of the Derivative Works; within the Source form or
113
+ documentation, if provided along with the Derivative Works; or,
114
+ within a display generated by the Derivative Works, if and
115
+ wherever such third-party notices normally appear. The contents
116
+ of the NOTICE file are for informational purposes only and
117
+ do not modify the License. You may add Your own attribution
118
+ notices within Derivative Works that You distribute, alongside
119
+ or as an addendum to the NOTICE text from the Work, provided
120
+ that such additional attribution notices cannot be construed
121
+ as modifying the License.
122
+
123
+ You may add Your own copyright statement to Your modifications and
124
+ may provide additional or different license terms and conditions
125
+ for use, reproduction, or distribution of Your modifications, or
126
+ for any such Derivative Works as a whole, provided Your use,
127
+ reproduction, and distribution of the Work otherwise complies with
128
+ the conditions stated in this License.
129
+
130
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
131
+ any Contribution intentionally submitted for inclusion in the Work
132
+ by You to the Licensor shall be under the terms and conditions of
133
+ this License, without any additional terms or conditions.
134
+ Notwithstanding the above, nothing herein shall supersede or modify
135
+ the terms of any separate license agreement you may have executed
136
+ with Licensor regarding such Contributions.
137
+
138
+ 6. Trademarks. This License does not grant permission to use the trade
139
+ names, trademarks, service marks, or product names of the Licensor,
140
+ except as required for reasonable and customary use in describing the
141
+ origin of the Work and reproducing the content of the NOTICE file.
142
+
143
+ 7. Disclaimer of Warranty. Unless required by applicable law or
144
+ agreed to in writing, Licensor provides the Work (each
145
+ Contributor provides its Contributions) on an "AS IS" BASIS,
146
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147
+ implied, including, without limitation, any warranties or conditions
148
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149
+ PARTICULAR PURPOSE. You are solely responsible for determining the
150
+ appropriateness of using or redistributing the Work and assume any
151
+ risks associated with Your exercise of permissions under this License.
152
+
153
+ 8. Limitation of Liability. In no event and under no legal theory,
154
+ whether in tort (including negligence), contract, or otherwise,
155
+ unless required by applicable law (such as deliberate and grossly
156
+ negligent acts) or agreed to in writing, shall any Contributor be
157
+ liable to You for damages, including any direct, indirect, special,
158
+ incidental, or consequential damages of any character arising as a
159
+ result of this License or out of the use or inability to use the
160
+ Work (including but not limited to damages for loss of goodwill,
161
+ work stoppage, computer failure or malfunction, or any and all
162
+ other commercial damages or losses), even if any Contributor
163
+ has been advised of the possibility of such damages.
164
+
165
+ 9. Accepting Warranty or Additional Liability. While redistributing
166
+ the Work or Derivative Works thereof, You may choose to offer,
167
+ and charge a fee for, acceptance of support, warranty, indemnity,
168
+ or other liability obligations and/or rights consistent with this
169
+ License. However, in accepting such obligations, You may act only
170
+ on Your own behalf and on Your sole responsibility, not on behalf
171
+ of any other Contributor, and only if You agree to indemnify,
172
+ defend, and hold each Contributor harmless for any liability
173
+ incurred by, or claims asserted against, such Contributor by reason
174
+ of your accepting any such warranty or additional liability.
175
+
176
+ END OF TERMS AND CONDITIONS
177
+
178
+ APPENDIX: How to apply the Apache License to your work.
179
+
180
+ To apply the Apache License to your work, attach the following
181
+ boilerplate notice, with the fields enclosed by brackets "[]"
182
+ replaced with your own identifying information. (Don't include
183
+ the brackets!) The text should be enclosed in the appropriate
184
+ comment syntax for the file type. We also recommend that a
185
+ file or class name and description of purpose be included on the
186
+ same "printed page" as the copyright notice for easier
187
+ identification within third-party archives.
188
+
189
+ Copyright 2026 James Ekhator
190
+
191
+ Licensed under the Apache License, Version 2.0 (the "License");
192
+ you may not use this file except in compliance with the License.
193
+ You may obtain a copy of the License at
194
+
195
+ http://www.apache.org/licenses/LICENSE-2.0
196
+
197
+ Unless required by applicable law or agreed to in writing, software
198
+ distributed under the License is distributed on an "AS IS" BASIS,
199
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200
+ See the License for the specific language governing permissions and
201
+ limitations under the License.