chore: optimize CodeRabbit configuration for Python/FastAPI project

[nanotaboada]

This change is 

Summary by CodeRabbit

• New Features

  • Added path-based review rules and ignore patterns to tailor checks by file areas.
  • Expanded public review surface with enhanced pre-merge checks, title guidance, and automated finishing-touches.

• Chores

  • Reconfigured tooling and quality gates to focus on Python projects and updated related settings.
  • Minor formatting fixes to dependency automation configuration for consistency.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Added repository-wide CodeRabbit review configuration with path-based review instructions, path filters, Python-focused tooling, expanded knowledge base and code-generation guidance, auto-review adjustments, and minor whitespace fixes to Dependabot configuration.

Changes

Cohort / File(s)	Summary
Core config: reviews & automation /.coderabbit.yaml	Introduced path_instructions for multiple glob patterns (e.g., **/*.py, routes/**/*.py, services/**/*.py, databases/**/*.py, schemas/**/*.py, models/**/*.py, tests/**/*.py, main.py, Dockerfile, requirements*.txt, pyproject.toml); added path_filters to ignore common artifacts (e.g., __pycache__, .pytest_cache, htmlcov, *.pyc, virtualenv dirs, DB files, assets); enabled related_prs and suggested_labels; added base_branches (master, main) and ignore_title_keywords; lowered pre_merge_checks.threshold to 75 and expanded Conventional Commits/title guidance.
Tooling & quality gates /.coderabbit.yaml	Reconfigured tools for a Python-focused stack: enabled/disabed various analysers (e.g., enabled ruff, toggled flake8, pylint, gitleaks, checkov, yamllint, actionlint, semgrep, markdownlint, github-checks); disabled non-Python tools (e.g., detekt, eslint entries).
Knowledge base & code generation /.coderabbit.yaml	Populated knowledge_base.filePatterns (e.g., **/*.py, **/requirements*.txt, **/pyproject.toml, **/Dockerfile, **/*.{yml,yaml}); added code_generation.docstrings.path_instructions (Google-style, async guidance) and code_generation.unit_tests.path_instructions (pytest/async guidance, ~80% coverage target).
Issue enrichment & planning /.coderabbit.yaml	Exposed/added finishing_touches, pre_merge_checks, issue_assessment, and planning/labeling scaffolding with planning label configuration.
Dependency automation /.github/dependabot.yml	Minor whitespace/indentation corrections in pip/pytest group pattern lists; no semantic changes to patterns.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title uses the Conventional Commits format (chore:), is descriptive about optimizing CodeRabbit configuration for Python/FastAPI, and is well under 80 characters (67 chars).
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch chore/optimize-coderabbit-config

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codacy-production]

Coverage summary from Codacy

See diff coverage on Codacy

Coverage variation	Diff coverage
✅ +0.00%	✅ ∅

Coverage variation details

	Coverable lines	Covered lines	Coverage
Common ancestor commit (d5931a0)	131	119	90.84%
Head commit (b4cf772)	131 (+0)	119 (+0)	90.84% (+0.00%)

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details

	Coverable lines	Covered lines	Diff coverage
Pull request (#462)	0	0	∅ (not applicable)

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%

See your quality gate settings    Change summary preferences

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 89.65%. Comparing base (d5931a0) to head (b4cf772).
⚠️ Report is 4 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #462   +/-   ##
=======================================
  Coverage   89.65%   89.65%           
=======================================
  Files           3        3           
  Lines         116      116           
=======================================
  Hits          104      104           
  Misses         12       12           

Components	Coverage Δ
Services	79.31% <ø> (ø)
Routes	100.00% <ø> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @.coderabbit.yaml:
- Around line 31-115: The pyproject.toml PathInstruction for "pyproject.toml"
has an incorrect Black config syntax: update the Verify Black configuration
instruction (the string containing "line-length = 88, target-version = py313")
to use an array for target-version, e.g., change "target-version = py313" to
"target-version = [\"py313\"]" in the instruction text so it reflects valid TOML
for Black.

🧹 Nitpick comments (5)

.coderabbit.yaml (5)

116-130: Consider adding additional cache/build artifact patterns.

The exclusion patterns cover the essentials. You may want to consider adding these common Python project artifacts:

- "!**/.mypy_cache/**"
- "!**/.ruff_cache/**"
- "!**/.coverage"
- "!**/dist/**"
- "!**/build/**"
- "!**/*.egg-info/**"

These would prevent reviews from being triggered by type checker caches, linter caches, or build artifacts if they ever get committed.

---

134-141: Minor: Redundant case variants in ignore_title_keywords.

The ignore_title_keywords matching is case-insensitive per the schema, so including both "WIP" and "wip" is redundant. Consider simplifying:

ignore_title_keywords:
  - "WIP"
  - "DO NOT REVIEW"

This is purely a cleanliness improvement—the current configuration works correctly.

---

166-171: Consider consolidating Python linters—ruff can replace flake8 and pylint.

Ruff is designed as a faster replacement for Flake8, Pylint, and many other Python linters, implementing most of their rules. Running all three may produce:

• Duplicate/overlapping warnings
• Slower review times
• Conflicting style suggestions

Consider keeping only ruff enabled (it's significantly faster and covers most rules from both tools). If you have specific Pylint or Flake8 rules not covered by Ruff, you can enable Ruff's equivalent rule sets via configuration.

♻️ Suggested simplification

  tools:
    # Relevant tools for Python projects
    ruff:
      enabled: true
    flake8:
-     enabled: true
+     enabled: false
    pylint:
-     enabled: true
+     enabled: false

---

197-198: Consider keeping ShellCheck enabled for Dockerfile and CI scripts.

While this is a Python project, you likely have shell commands in:

• Dockerfile RUN instructions
• GitHub Actions workflow steps
• Potential entrypoint scripts

ShellCheck can catch common shell scripting errors in these contexts. Consider keeping it enabled unless it's producing noise.

---

286-294: Minor inconsistency in coverage targets.

The unit test instructions specify "Target 80% code coverage minimum" (line 294), but the pre_merge_checks.docstrings.threshold is set to 75% (line 152). Consider aligning these values for consistency, or document the intentional difference (docstring coverage vs. code coverage are distinct metrics).

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d5931a0 and 4d97767.

📒 Files selected for processing (2)

• .coderabbit.yaml
• .github/dependabot.yml

⏰ Context from checks skipped due to timeout of 120000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Codacy Static Code Analysis

🔇 Additional comments (5)

.github/dependabot.yml (1)

12-19: LGTM!

The indentation corrections maintain consistent YAML formatting. The dependency groupings are sensible—grouping gevent with pytest-related packages is appropriate since gevent is commonly used for async testing support.

.coderabbit.yaml (4)

1-30: LGTM!

The base configuration is well-structured with appropriate settings for a professional Python/FastAPI project. Disabling poem and suggested_reviewers while keeping useful features like sequence_diagrams and estimate_code_review_effort shows thoughtful customization.

---

143-163: LGTM!

The pre-merge checks configuration is well-defined. The Conventional Commits requirement in the title check (line 155-158) provides clear guidance. Setting the docstring threshold to 75% (vs. default 80%) is a reasonable starting point that can be increased as coverage improves.

---

260-265: Verify brace expansion support in file patterns.

The pattern **/*.{yml,yaml} (line 265) uses brace expansion syntax. While common in shell globs, not all glob implementations support this. Consider using explicit patterns to ensure compatibility:

filePatterns:
  - "**/*.py"
  - "**/requirements*.txt"
  - "**/pyproject.toml"
  - "**/Dockerfile"
  - "**/*.yml"
  - "**/*.yaml"

If CodeRabbit's glob implementation supports brace expansion, the current syntax is fine—this is a defensive suggestion.

---

296-307: LGTM!

The issue enrichment configuration is appropriately conservative with auto_apply_labels: false while enabling useful planning automation triggered by the "planning" label.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.coderabbit.yaml (1)

196-198: Consider keeping ShellCheck enabled.

While this is a Python-focused project, you may have shell scripts in CI workflows, Docker entrypoints, or utility scripts. ShellCheck can help catch common shell scripting errors in these files. Unless you're certain there are no shell scripts to lint, consider leaving it enabled.

💡 Optional: Keep ShellCheck enabled

     # Disable irrelevant tools for Python project
     shellcheck:
-      enabled: false
+      enabled: true

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4d97767 and b4cf772.

📒 Files selected for processing (1)

• .coderabbit.yaml

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2025-12-02T02:56:16.552Z

Learnt from: CR
Repo: nanotaboada/python-samples-fastapi-restful PR: 0
File: .github/copilot-instructions.md:0-0
Timestamp: 2025-12-02T02:56:16.552Z
Learning: Applies to **/*.py : Use Black formatter with line length 88 and target Python 3.13

Applied to files:

• .coderabbit.yaml

⏰ Context from checks skipped due to timeout of 120000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Codacy Static Code Analysis

🔇 Additional comments (10)

.coderabbit.yaml (10)

1-7: LGTM!

Header comments and basic settings are well-structured and comply with the schema.

---

8-30: LGTM!

Review settings are properly configured and schema-compliant. Enabling related_prs and suggested_labels will help with PR context and organization.

---

31-115: Comprehensive path-based review instructions.

The instructions are well-organized by component (routes, services, databases, schemas, models, tests) with appropriate guidance for each layer. The Black formatter syntax on line 112 (target-version = ["py313"]) is correct for pyproject.toml configuration. Based on learnings, this aligns with the project's requirement for Black formatter with line length 88 and target Python 3.13.

---

116-130: LGTM!

Path filters appropriately exclude build artifacts, cache directories, virtual environments, and database files from review.

---

131-142: LGTM!

Auto-review configuration is appropriate. Including both master and main as base branches ensures compatibility with different Git conventions.

---

149-163: LGTM!

Pre-merge checks are well-configured with Conventional Commits guidance for titles and a reasonable 75% docstring coverage threshold.

---

164-195: LGTM!

Good selection of Python-relevant tools enabled: Ruff, Flake8, Pylint for Python linting, plus security tools (Gitleaks, Checkov, Semgrep) and infrastructure linters (Hadolint, YAMLlint, actionlint). The github-checks timeout of 120 seconds is reasonable.

---

254-274: LGTM!

Knowledge base configuration appropriately includes Python-relevant file patterns and enables useful integrations.

---

275-295: LGTM!

Code generation instructions are well-aligned with the project conventions—Google-style docstrings and pytest with async support match the review path instructions.

---

296-307: LGTM!

Issue enrichment configuration is properly set up with planning enabled and appropriate label triggers.