Skip to content

feat: enforce ledger write access for event ingestion and update Python version requirements#48

Merged
Gsbreddy merged 2 commits into
mainfrom
2026-05-03-p03c
May 3, 2026
Merged

feat: enforce ledger write access for event ingestion and update Python version requirements#48
Gsbreddy merged 2 commits into
mainfrom
2026-05-03-p03c

Conversation

@Gsbreddy

@Gsbreddy Gsbreddy commented May 3, 2026

Copy link
Copy Markdown
Collaborator

Summary

Why

Changes

Validation

Run the same checks as CI (see .github/workflows/ci.yml) before opening / updating the PR. Cursor loads .cursor/rules/flightdeck-ci-artifacts.mdc as a short reminder for static/ + schemas/ gates.

  • uv sync --frozen --extra dev
  • uv run python -m ruff check src tests
  • uv run python -m pytest
  • uv run python scripts/generate_schemas.py then git diff --exit-code schemas/ (if models/schemas touched)
  • cd web && npm ci && npm run build && cd .. && git diff --exit-code src/flightdeck/server/static/ (if web/ sources, Vite config, or web/ deps / lockfile change the production bundle)
  • cd web && npx playwright install chromium && npm run test:e2e (if web/ changed)
  • uv run flightdeck-quickstart-verify
  • uv run flightdeck --help

With pip / venv only, use python -m … equivalents from DEVELOPMENT.md.

Schema / Storage Impact

  • None
  • Schema change
  • Storage change

Risk

Review

  • Requested review from maintainers (CODEOWNERS@flightdeckdev/maintainers on the org repo). On a fork, GitHub may not auto-request; use Reviewers on the PR.
  • PR is small and scoped (see AGENTS.md); linked issue or release note intent noted if helpful.

Notes

zendaya added 2 commits May 3, 2026 02:23
…on version requirements

- Implemented `require_ledger_write_access` for the `POST /v1/events` endpoint, aligning it with the access model of other mutation routes.
- Updated documentation to reflect the new authorization requirements for event ingestion, requiring `Authorization: Bearer <token>` when `FLIGHTDECK_LOCAL_API_TOKEN` is set.
- Changed Python version requirements in `pyproject.toml` and related files to support `>=3.11,<4`, ensuring compatibility with common production interpreters.
- Enhanced tests to validate the new access control for event ingestion.

This update strengthens security by ensuring that only authorized clients can submit events, while also modernizing the Python compatibility range.
…dd resolution markers for specific versions. Include typing-extensions dependency for Python versions <3.13 and add multiple wheel URLs for cffi-2.0.0 across various platforms.
@Gsbreddy Gsbreddy merged commit 7b2c84e into main May 3, 2026
3 checks passed
@Gsbreddy Gsbreddy deleted the 2026-05-03-p03c branch May 3, 2026 00:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants