@dguido dguido commented Jul 29, 2025

Adds pre-commit hooks via https://github.com/j178/prek and configures stricter code quality defaults.

Changes:

  • Pre-commit hooks using prek (format, lint on commit; tests on push)
  • New make dev target to set up dev environment and install hooks
  • Stricter ruff rules: cyclomatic complexity ≤8, max 5 positional args, max 12 branches
  • pytest config with --durations=10
  • Updated deps: ruff ~=0.14.0, pyright ~=1.1, removed unused type stubs

dguido and others added 15 commits July 29, 2025 18:58

- Update Python requirement to 3.11+ to match CLAUDE.md standards
- Replace mypy with Astral's experimental ty type checker
- Add comprehensive ruff.toml with strict code quality constraints:
  - Cyclomatic complexity ≤ 8
  - Max 5 positional args, 12 branches, 6 returns
  - Google-style docstrings enforced
- Add data library option (polars/pandas/none) in cookiecutter.json
- Create pre-commit hooks configuration for automated checks
- Add CLAUDE.md template with project-specific instructions
- Configure pytest to support tests beside code
- Update Makefile with common commands (ty, fix, check)
- Remove Python 3.9/3.10 from CI matrix

These changes align the cookiecutter template with modern Python
development practices and enforce stricter code quality standards.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

- Add web_framework choice in cookiecutter.json (fastapi/none)
- Include FastAPI and uvicorn dependencies when selected
- Create basic FastAPI app template with health check endpoint
- Add 'make serve' command to run development server
- Update CLAUDE.md to express strong preference for FastAPI over Flask
- Configure post-generation hook to remove _app.py if not using FastAPI

This enforces the preference for modern async frameworks and
explicitly discourages Flask usage in new projects.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

- Fix ty version to 0.0.1a16 (current alpha release)
- Remove --strict flag which doesn't exist in ty
- Update ty commands to explicitly check src directory
- Remove strict=true from pyproject.toml ty config

ty is still in early alpha, so we're using the latest available
version with basic configuration.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

Apply ruff formatting to fix CI failure.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

Remove the data_library choice (polars/pandas/none) as it's rarely
needed for Trail of Bits projects. This simplifies the template and
reduces unnecessary options during project creation.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

- Remove FastAPI web framework option to reduce complexity
- Consolidate ruff configuration from ruff.toml into pyproject.toml
- Fix Makefile redundancies: keep 'fix' and 'format' as aliases
- Remove duplicated ty command from lint target
- Clean up CLAUDE.md to remove FastAPI references

This simplifies the PR to focus on core improvements: stricter code
quality standards, ty type checker, and pre-commit hooks.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

The self-test CI workflow expects 'make reformat' to exist.
Add it back as an alias alongside 'fix' and 'format'.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

Replace deprecated 'license-files' with proper license field syntax.
Use 'license = {text = "SPDX-ID"}' for standard licenses and
'license = {file = "LICENSE"}' for proprietary licenses.

This fixes the RUF200 parsing error in generated projects.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

Change 'search_path' to 'src' in [tool.ty] configuration.
The ty type checker expects 'src' as the field name, not 'search_path'.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

Remove the [tool.ty] section entirely as ty is in early alpha and
the configuration format is not well documented. Let ty use its
default configuration which should work for standard project layouts.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

- Replace experimental ty (0.0.1a16) with stable pyright (1.1+)
- Configure pyright with standard type checking mode
- Make pre-commit pytest less aggressive: only run fast tests (-k "not slow")
- Remove -q flag from pytest for better debugging visibility
- Clarify CLAUDE.md framework preferences as general guidelines
- Add missing newline to pre-commit config
- Update all references from ty to pyright in docs and commands

This makes the type checking more reliable while maintaining the
same strict code quality standards.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

- Remove accidentally included test-pyright directory
- Fix pre-commit deprecation: use stages: [pre-commit] instead of [commit]
- Change pyright to strict mode for better type safety
- Add pyright include paths: ["src", "test"]
- Add pytest marker documentation for @pytest.mark.slow
- Simplify Makefile: keep 'fix' as primary command, 'reformat' as alias

All changes tested locally - lint, fix, reformat, and pre-commit hooks
work correctly with strict pyright configuration.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

@oldsj oldsj left a comment

I was able to test this with uvx cookiecutter gh:trailofbits/cookiecutter-python --checkout enhance-cookiecutter-standards and tests passed with make check, looks good!

@Ninja3047 Ninja3047 left a comment

I think for pre-commit I would strongly prefer we stick to just auto-fixing formatting. Running through the entire test suite would make development really annoying, especially with work-in-progress stuff.

DarkaMaul and others added 3 commits December 9, 2025 10:33
Switch to prek (https://github.com/j178/prek), a faster Rust-based
pre-commit alternative. Add built-in hooks for common checks:
trailing-whitespace, end-of-file-fixer, check-yaml, check-toml,
check-merge-conflict, and detect-private-key.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

@Ninja3047 Ninja3047 self-requested a review January 19, 2026 16:39
@Ninja3047 Ninja3047 changed the title Enhance cookiecutter template with stricter code quality standards Add precommit hooks via prek and default ruff/pytest configuration Jan 19, 2026
@Ninja3047 Ninja3047 merged commit 52c3df6 into main Jan 19, 2026
7 checks passed
@Ninja3047 Ninja3047 deleted the enhance-cookiecutter-standards branch January 19, 2026 23:06