Skip to content

chore(workspace): propagate unified make and release automation#249

Merged
marlon-costa-dc merged 11 commits intomainfrom
0.11.0-dev
Feb 20, 2026
Merged

chore(workspace): propagate unified make and release automation#249
marlon-costa-dc merged 11 commits intomainfrom
0.11.0-dev

Conversation

@marlon-costa-dc
Copy link
Contributor

@marlon-costa-dc marlon-costa-dc commented Feb 20, 2026

Summary

  • continue propagation from branch 0.11.0-dev
  • include centralized make verbs and SSOT scripts updates
  • keep workspace/project branches aligned for release flow

Validation

  • make pr PR_ACTION=status
  • make pr PR_ACTION=checks

Summary by cubic

Propagates unified make and release automation across the workspace, enforces Python 3.13, and standardizes CI reports under .reports. Adds a workspace PR coordinator and resilient PR merging with auto-rebase and optional release dispatch; fixes SonarCloud auto-analysis by using sonar.exclusions and removes unsafe regex guard stripping.

  • New Features

    • Release CLI: run/version/build/notes/changelog (+shared) with phases (validate, version, build, publish), release/ branch creation, and reports in .reports/release.
    • PR automation: pr_manager auto-rebases when not mergeable and can dispatch a release on merge when head implies vX.Y.Z or release/X.Y.Z; added --release-on-merge (default on).
    • Workspace PRs: pr_workspace coordinates checkout/checkpoint and runs make pr across repos; logs to .reports/workspace/pr.
  • Migration

    • Use Python 3.13. Update venvs and run scripts/maintenance/enforce_python_version.py (or --check).
    • Install GitHub CLI and actionlint for local checks.
    • For standalone repos, set remote.origin.url or FLEXT_WORKSPACE_ROOT; sync will infer owner or build a repo map.

Written for commit ffc2348. Summary will update on new commits.

@gemini-code-assist
Copy link

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

@coderabbitai
Copy link

coderabbitai bot commented Feb 20, 2026

Warning

Rate limit exceeded

@marlon-costa-dc has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 27 minutes and 11 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch 0.11.0-dev

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Copy link

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

3 issues found across 19 files

Prompt for AI agents (all issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="scripts/maintenance/_discover.py">

<violation number="1" location="scripts/maintenance/_discover.py:14">
P0: Import from non-existent module `libs.discovery` — script will crash with `ImportError` at runtime. The `libs/` directory and `discover_projects` function do not exist in this repository. Either the `libs/discovery` module needs to be added as part of this PR, or the import path is incorrect.</violation>
</file>

<file name="scripts/maintenance/enforce_python_version.py">

<violation number="1" location="scripts/maintenance/enforce_python_version.py:187">
P2: Guard staleness bug: `_has_guard` only checks for the marker string, not that the guard content matches the current `REQUIRED_MINOR`. If the required version changes, existing (now stale) guards will be reported as OK and never updated. Consider checking that `GUARD_BLOCK` is present in the content, or at least verifying the version inside the existing guard matches.</violation>
</file>

<file name="scripts/core/stub_supply_chain.py">

<violation number="1" location="scripts/core/stub_supply_chain.py:22">
P1: Import references non-existent module `libs.selection`. The `libs` directory and `resolve_projects` function do not exist anywhere in the repository. This script will fail at import time with `ModuleNotFoundError`. If this module is being introduced in a companion PR, consider coordinating the merge order or adding a fallback.</violation>
</file>

Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.

kind = "submodule" if entry.name in submodules else "external"
projects.append(ProjectInfo(path=entry, name=entry.name, kind=kind))
return projects
from libs.discovery import discover_projects
Copy link

@cubic-dev-ai cubic-dev-ai bot Feb 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P0: Import from non-existent module libs.discovery — script will crash with ImportError at runtime. The libs/ directory and discover_projects function do not exist in this repository. Either the libs/discovery module needs to be added as part of this PR, or the import path is incorrect.

Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At scripts/maintenance/_discover.py, line 14:

<comment>Import from non-existent module `libs.discovery` — script will crash with `ImportError` at runtime. The `libs/` directory and `discover_projects` function do not exist in this repository. Either the `libs/discovery` module needs to be added as part of this PR, or the import path is incorrect.</comment>

<file context>
@@ -3,68 +3,53 @@
-        kind = "submodule" if entry.name in submodules else "external"
-        projects.append(ProjectInfo(path=entry, name=entry.name, kind=kind))
-    return projects
+from libs.discovery import discover_projects
 
 
</file context>
Fix with Cubic

if str(Path(__file__).resolve().parents[2]) not in sys.path:
sys.path.insert(0, str(Path(__file__).resolve().parents[2]))

from libs.selection import resolve_projects
Copy link

@cubic-dev-ai cubic-dev-ai bot Feb 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1: Import references non-existent module libs.selection. The libs directory and resolve_projects function do not exist anywhere in the repository. This script will fail at import time with ModuleNotFoundError. If this module is being introduced in a companion PR, consider coordinating the merge order or adding a fallback.

Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At scripts/core/stub_supply_chain.py, line 22:

<comment>Import references non-existent module `libs.selection`. The `libs` directory and `resolve_projects` function do not exist anywhere in the repository. This script will fail at import time with `ModuleNotFoundError`. If this module is being introduced in a companion PR, consider coordinating the merge order or adding a fallback.</comment>

<file context>
@@ -16,6 +16,11 @@
+if str(Path(__file__).resolve().parents[2]) not in sys.path:
+    sys.path.insert(0, str(Path(__file__).resolve().parents[2]))
+
+from libs.selection import resolve_projects
+
 MISSING_IMPORT_RE = re.compile(r"Cannot find module `([^`]+)` \[missing-import\]")
</file context>
Fix with Cubic


content = conftest.read_text(encoding="utf-8")

if _has_guard(content):
Copy link

@cubic-dev-ai cubic-dev-ai bot Feb 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2: Guard staleness bug: _has_guard only checks for the marker string, not that the guard content matches the current REQUIRED_MINOR. If the required version changes, existing (now stale) guards will be reported as OK and never updated. Consider checking that GUARD_BLOCK is present in the content, or at least verifying the version inside the existing guard matches.

Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At scripts/maintenance/enforce_python_version.py, line 187:

<comment>Guard staleness bug: `_has_guard` only checks for the marker string, not that the guard content matches the current `REQUIRED_MINOR`. If the required version changes, existing (now stale) guards will be reported as OK and never updated. Consider checking that `GUARD_BLOCK` is present in the content, or at least verifying the version inside the existing guard matches.</comment>

<file context>
@@ -0,0 +1,249 @@
+
+    content = conftest.read_text(encoding="utf-8")
+
+    if _has_guard(content):
+        if verbose:
+            print(f"  ✓ conftest.py guard OK: {project.name}")
</file context>
Fix with Cubic

Copy link

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

2 issues found across 1 file (changes from recent commits).

Prompt for AI agents (all issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="scripts/github/pr_manager.py">

<violation number="1" location="scripts/github/pr_manager.py:87">
P2: Bug: `-dev` suffix is not stripped for `release/` branches. The second regex matches against the original `head` rather than the already-stripped `version`, so `release/X.Y.Z-dev` branches will never produce a release tag, unlike bare `X.Y.Z-dev` branches. Apply `removesuffix` consistently or match against `version` instead of `head`.</violation>

<violation number="2" location="scripts/github/pr_manager.py:104">
P2: `gh release view` output leaks to stdout. This command is used only to check existence (return code), but `_run_stream` doesn't suppress output, so the full release details are printed and mixed with the script's own `status=` lines. Consider using `subprocess.run(..., capture_output=True)` or `subprocess.DEVNULL` here instead.</violation>
</file>

Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.

if tag is None:
return

if _run_stream(["gh", "release", "view", tag], repo_root) == 0:
Copy link

@cubic-dev-ai cubic-dev-ai bot Feb 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2: gh release view output leaks to stdout. This command is used only to check existence (return code), but _run_stream doesn't suppress output, so the full release details are printed and mixed with the script's own status= lines. Consider using subprocess.run(..., capture_output=True) or subprocess.DEVNULL here instead.

Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At scripts/github/pr_manager.py, line 104:

<comment>`gh release view` output leaks to stdout. This command is used only to check existence (return code), but `_run_stream` doesn't suppress output, so the full release details are printed and mixed with the script's own `status=` lines. Consider using `subprocess.run(..., capture_output=True)` or `subprocess.DEVNULL` here instead.</comment>

<file context>
@@ -79,6 +80,41 @@ def _selector(pr_number: str, head: str) -> str:
+    if tag is None:
+        return
+
+    if _run_stream(["gh", "release", "view", tag], repo_root) == 0:
+        print(f"status=release-exists tag={tag}")
+        return
</file context>
Fix with Cubic

version = head.removesuffix("-dev")
if re.fullmatch(r"\d+\.\d+\.\d+", version):
return f"v{version}"
match = re.fullmatch(r"release/(?P<version>\d+\.\d+\.\d+)", head)
Copy link

@cubic-dev-ai cubic-dev-ai bot Feb 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2: Bug: -dev suffix is not stripped for release/ branches. The second regex matches against the original head rather than the already-stripped version, so release/X.Y.Z-dev branches will never produce a release tag, unlike bare X.Y.Z-dev branches. Apply removesuffix consistently or match against version instead of head.

Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At scripts/github/pr_manager.py, line 87:

<comment>Bug: `-dev` suffix is not stripped for `release/` branches. The second regex matches against the original `head` rather than the already-stripped `version`, so `release/X.Y.Z-dev` branches will never produce a release tag, unlike bare `X.Y.Z-dev` branches. Apply `removesuffix` consistently or match against `version` instead of `head`.</comment>

<file context>
@@ -79,6 +80,41 @@ def _selector(pr_number: str, head: str) -> str:
+    version = head.removesuffix("-dev")
+    if re.fullmatch(r"\d+\.\d+\.\d+", version):
+        return f"v{version}"
+    match = re.fullmatch(r"release/(?P<version>\d+\.\d+\.\d+)", head)
+    if match:
+        return f"v{match.group('version')}"
</file context>
Suggested change
match = re.fullmatch(r"release/(?P<version>\d+\.\d+\.\d+)", head)
match = re.fullmatch(r"release/(?P<version>\d+\.\d+\.\d+)", version)
Fix with Cubic

@sonarqubecloud
Copy link

Copy link

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1 issue found across 1 file (changes from recent commits).

Prompt for AI agents (all issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="scripts/github/pr_workspace.py">

<violation number="1" location="scripts/github/pr_workspace.py:120">
P1: The script path `scripts/github/pr_manager.py` is relative but `subprocess.run` has no `cwd` set. When `--workspace-root` points to a directory other than the process's current working directory, this command will fail to find the script. Use an absolute path derived from `repo_root` (which equals `workspace_root` in this branch).</violation>
</file>

Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.

if repo_root == workspace_root:
command = [
"python",
"scripts/github/pr_manager.py",
Copy link

@cubic-dev-ai cubic-dev-ai bot Feb 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1: The script path scripts/github/pr_manager.py is relative but subprocess.run has no cwd set. When --workspace-root points to a directory other than the process's current working directory, this command will fail to find the script. Use an absolute path derived from repo_root (which equals workspace_root in this branch).

Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At scripts/github/pr_workspace.py, line 120:

<comment>The script path `scripts/github/pr_manager.py` is relative but `subprocess.run` has no `cwd` set. When `--workspace-root` points to a directory other than the process's current working directory, this command will fail to find the script. Use an absolute path derived from `repo_root` (which equals `workspace_root` in this branch).</comment>

<file context>
@@ -114,28 +114,60 @@ def _run_pr(repo_root: Path, workspace_root: Path, args: argparse.Namespace) ->
+    if repo_root == workspace_root:
+        command = [
+            "python",
+            "scripts/github/pr_manager.py",
+            "--repo-root",
+            str(repo_root),
</file context>
Suggested change
"scripts/github/pr_manager.py",
str(repo_root / "scripts" / "github" / "pr_manager.py"),
Fix with Cubic

@marlon-costa-dc marlon-costa-dc merged commit bd95cb1 into main Feb 20, 2026
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant