- Add pytest-cov to dev dependencies
- Add .coveragerc with branch coverage, 60% floor (current baseline),
and source/omit configuration
- Add coverage CI job (ubuntu/py3.13) that runs pytest with --cov,
enforces the floor, and uploads coverage.xml as an artifact
- Wire coverage into the required-checks-passed gate
Closes#2080
Move codeflash's own benchmarks to .codeflash/benchmarks/. Add
auto-discovery of .codeflash/benchmarks/ in codeflash compare and
benchmark mode -- when benchmarks-root is not explicitly configured,
the CLI checks for .codeflash/benchmarks/ before erroring.
Backwards compatible: users with existing benchmarks-root config
are unaffected. Docs continue to show tests/benchmarks as the
example path.
- Use try/except KeyError instead of .get() in file_to_path cache
(faster on hot path when key is usually present)
- Use os.path.basename() instead of Path().name in get_optimized_code_for_module
to avoid constructing Path objects from strings
- Disable PTH119 ruff rule to allow os.path.basename for performance
Replace fragile brace-counting string manipulation with tree-sitter
Groovy/Kotlin parsers to find the top-level dependencies block. This
correctly ignores nested blocks inside buildscript, subprojects, etc.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Maven Central is now the primary resolution path for the codeflash-runtime
JAR. Falls back to local dev build install for development workflows.
Excludes the bundled JAR from the PyPI wheel to save ~15MB.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Remove download_jar_to_cache() and related constants (MAVEN_CENTRAL_RUNTIME_URL,
CODEFLASH_JAR_CACHE_DIR) — the JAR isn't published to Maven Central yet so this
code always fails silently. The working path today is the bundled JAR in resources/.
Simplify _find_runtime_jar() from 5 steps to 3: ~/.m2 → bundled → dev build.
Add searchable MVN_CENTRAL_TODO markers at all 4 locations that need to change
once the JAR is published to Maven Central:
1. build_tools.py — uncomment resolve_from_maven_central()
2. test_runner.py _find_runtime_jar() — adjust resolution chain
3. test_runner.py _ensure_codeflash_runtime() — uncomment Maven Central call
4. pyproject.toml — exclude runtime JAR from wheel (~15MB savings)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Resolve 12 Dependabot security alerts by constraining vulnerable packages
to Python 3.10+ where patches are available:
Python dependencies:
- filelock: Pin <3.20.3 for Python 3.9, >=3.20.3 for Python 3.10+
(fixes TOCTOU symlink vulnerabilities CVE-2024-XXXXX)
- tensorflow: Only install on Python 3.10+ (brings keras >=3.12.1, pillow >=12.1.1)
(fixes 8 high-severity keras vulnerabilities including arbitrary code execution,
directory traversal, and 1 high-severity pillow out-of-bounds write)
JavaScript dependencies:
- vitest: Update to latest (4.0.18) in test fixture directory
(fixes moderate-severity esbuild SSRF vulnerability GHSA-67mh-4wv8-2f99)
Python 3.9 notes:
- filelock 3.19.1 has known TOCTOU vulnerabilities (medium severity)
- tensorflow/keras/pillow excluded from Python 3.9 test dependencies
- Python 3.9 reached EOL in October 2025, vulnerabilities are expected
All high-severity vulnerabilities are resolved for Python 3.10+.
Python 3.9 users should upgrade to 3.10+ for full security patches.
Drop .resolve() from ImportResolver, TestsCache, init_javascript,
create_pr, and filter_functions where callers already pass resolved
paths via CLI init or TestConfig.__post_init__. Also exclude test
and fixture dirs from mypy to match ruff/ty config.
crosshair-tool doesn't support Python 3.15 yet. The dependency is now
conditional on python_version < 3.15, with a runtime guard that skips
concolic test generation when the package is absent.
Replace deprecated license table format with modern license-files array
in both main package and codeflash-benchmark subpackage. This resolves
the setuptools deprecation warning about TOML table license format.
Changes:
- Use license-files = ["LICENSE"] instead of license = {text = "BSL-1.1"}
- Add LICENSE file to root directory
- Add LICENSE and README.md to codeflash-benchmark/
Add comparison support for PyArrow types including Table, RecordBatch,
Array, ChunkedArray, Scalar, Schema, Field, and DataType.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The codebase prefers explicit 'a if a else b' over 'a or b' pattern.
Disabled FURB110 (if-exp-instead-of-or-operator) rule to prevent
automatic conversion by the linter.
Co-authored-by: Kevin Turcios <KRRT7@users.noreply.github.com>
Replace pre-commit with prek (faster Rust-based alternative) for linting.
- Add prek to dev dependencies
- Replace pre-commit workflow with prek workflow using setup-uv@v6
- Update Claude workflow allowed tools to use prek
* first pass
restore
restore this too
Revert "first pass"
This reverts commit b507770b2c79cc948b33222d8877fb784bfe108a.
* continue
* Update uv.lock
* refresh lockfile
* bugfix
* temp
* fix these
* pytest changes
* formatting
* set up test env properly here too
* ruff
* make ruff happy
* Update e2e-bubblesort-unittest.yaml
* with pytest
* bugfix
* oops
