fix(ci): enforce loud fail when package __version__ is missing#272
Merged
Conversation
mvillmow
commented
Jun 19, 2026
mvillmow
left a comment
mvillmow
left a comment
Contributor
Author
There was a problem hiding this comment.
GO — correctly/completely fixes the silent-no-op version-sync gate (AST walk + loud fail). Minor nits: tab indentation in test_version.py vs project space style; dead confirmations==0 branch.
The deps-version-sync CI check at _required.yml:331-368 was silently ineffective: when an __init__.py lacked __version__, the loop would skip it without error, so the gate passed for the wrong reason (issue #177). This change: - Makes the AST check mandatory for all discovered src/**/__init__.py files - Fails loudly with actionable error messages when __version__ is absent - Uses a confirmations counter to ensure at least one source verified the version (VERSION file or package __version__) - Adds tests/test_version.py to protect the runtime contract independently of CI YAML The gate now enforces either (a) a VERSION file matching pyproject.toml, OR (b) at least one src/**/__init__.py declaring __version__ matching pyproject.toml. If neither holds, the job fails with a clear error. Fixes #177 (epic #92) Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com> Signed-off-by: mvillmow <4211002+mvillmow@users.noreply.github.com>
…ations guard - tests/test_version.py: replace tab indentation with 4-space to match ruff indent-style = "space" (closes thread PRRT_kwDORoAqvc6K4lgF) - _required.yml: remove unreachable `if confirmations == 0` block; the `if not init_files and not version_file.exists()` exit at lines 356-359 already handles the empty-discovery case (closes thread PRRT_kwDORoAqvc6K4lgI) - Apply ruff format across all affected source files Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> Signed-off-by: mvillmow <4211002+mvillmow@users.noreply.github.com>
Identified 2 bugs discovered during implementation that fall within strict scope: 1. [safety] File handle leak at .github/workflows/_required.yml:362 - open(init_file).read() never closes the file - Should use pathlib.Path(init_file).read_text() instead 2. [critical_bug] Unhandled exception at .github/workflows/_required.yml:368 - ast.literal_eval(node.value) crashes if __version__ is non-literal - Should wrap in try/except with clear error message Both are defects in core functionality discovered during implementation. Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com> Signed-off-by: mvillmow <4211002+mvillmow@users.noreply.github.com>
GHSA-4xgf-cpjx-pc3j) Signed-off-by: Micah Villmow <4211002+mvillmow@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes the silent failure anti-pattern in the
deps-version-syncCI job. The check was passing when__version__was absent from package__init__.pyfiles, violating the repository's no-silent-failure principle.Changes
.github/workflows/_required.yml(lines 331-368): Replace the silent loop continuation with explicit error handling:__version__assignments (not substring matching)__version__is absent__version__declarationstests/test_version.py(new file): Adds two tests protecting the runtime contract:test_package_version_matches_pyproject: Asserts telemachy.version equals pyproject.tomltest_package_exposes_dunder_version: Asserts the package exposes versionVerification
All existing tests pass (50 tests total, including 2 new version tests):
The CI script now:
__version__is removed: "ERROR: src/telemachy/init.py has no top-level version assignment"|| trueorcontinue-on-error: truesuppressionsRelated Issues
Fixes #177 (part of epic #92)
Closes #177