SoftwareDevLabs · vinod0m · Sep 9, 2025 · Aug 20, 2025 · Aug 20, 2025 · Aug 20, 2025
diff --git a/.env.template b/.env.template
@@ -0,0 +1,4 @@
+# API Keys for LLM Providers
+# Copy this file to .env and fill in the values.
+GOOGLE_GEMINI_API_KEY=your_api_key_here
+OPENAI_API_KEY=your_api_key_here
diff --git a/.github/actions/setup-python-env/action.yml b/.github/actions/setup-python-env/action.yml
@@ -0,0 +1,45 @@
+name: 'Setup Python Environment'
+description: 'Checks out code, sets up Python, caches dependencies, and installs them.'
+inputs:
+  python-version:
+    description: 'The Python version to use.'
+    required: true
+    default: '3.11'
+  install-dev-reqs:
+    description: 'Whether to install requirements-dev.txt'
+    required: false
+    default: 'true'
+  install-docs-reqs:
+    description: 'Whether to install requirements-docs.txt'
+    required: false
+    default: 'false'
+runs:
+  using: 'composite'
+  steps:
+    - uses: actions/checkout@v4
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: ${{ inputs.python-version }}
+    - name: Cache pip
+      uses: actions/cache@v4
+      with:
+        path: ~/.cache/pip
+        # Include all requirements files in the cache key
+        key: ${{ runner.os }}-pip-${{ inputs.python-version }}-${{ hashFiles('**/requirements*.txt') }}
+        restore-keys: |
+          ${{ runner.os }}-pip-${{ inputs.python-version }}-
+          ${{ runner.os }}-pip-
+    - name: Install dependencies
+      shell: bash
+      run: |
+        python -m pip install --upgrade pip
+        if [ -f requirements.txt ]; then
+          pip install -r requirements.txt
+        fi
+        if [ "${{ inputs.install-dev-reqs }}" == "true" ] && [ -f requirements-dev.txt ]; then
+          pip install -r requirements-dev.txt
+        fi
+        if [ "${{ inputs.install-docs-reqs }}" == "true" ] && [ -f requirements-docs.txt ]; then
+          pip install -r requirements-docs.txt
+        fi
diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md
@@ -197,8 +197,10 @@ setup.py              → Python package setup (currently empty)
 1. **Install dependencies**: `pip install pytest pytest-cov mypy pylint`
 2. **Set Python path**: `export PYTHONPATH=.` or prefix commands with `PYTHONPATH=.`
 3. **Test before changing**: `PYTHONPATH=. python -m pytest test/ -v` to validate current state
-4. **Check module imports**: Ensure new Python modules have proper `__init__.py` files
-5. **Follow branch naming**: Use `dev/<alias>/<feature>` pattern for feature branches
+4. **Configure the agent**: Edit `config/model_config.yaml` to configure the agent before running it.
+5. **Check module imports**: Ensure new Python modules have proper `__init__.py` files
+6. **Follow branch naming**: Use `dev/<alias>/<feature>` pattern for feature branches
+7. **Fill out the PR template**: Ensure the PR template at `.github/PULL_REQUEST_TEMPLATE.md` is filled out before submitting a new PR.
 
 **NEVER do the following:**
 - Run tests without setting PYTHONPATH

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -46,7 +46,7 @@ jobs:
         - language: actions
           build-mode: none
         - language: c-cpp
-          build-mode: manual
+          build-mode: none
         - language: javascript-typescript
           build-mode: none
         - language: python

diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -0,0 +1,14 @@
+name: 'Dependency Review'
+on: [pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Checkout Repository'
+        uses: actions/checkout@v4
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@v4
diff --git a/.github/workflows/docker-scan.yml b/.github/workflows/docker-scan.yml
@@ -0,0 +1,30 @@
+name: 'Docker Image Scan'
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  build-and-scan:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Build an image from Dockerfile
+        id: build-image
+        run: |
+          docker build -t ${{ github.repository }}:latest .
+
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: '${{ github.repository }}:latest'
+          format: 'table'
+          exit-code: '0'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'
diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml
@@ -1,16 +1,12 @@
 # GoSec Security Checker
 # This workflow runs gosec to check Go code for security issues
+# It is currently disabled from running automatically.
 name: GoSec Security Checker
 permissions:
   contents: read
 
 on:
-  push:
-    paths:
-      - '**.go'
-  pull_request:
-    paths:
-      - '**.go'
+  workflow_dispatch:
 
 jobs:
   gosec:

diff --git a/.github/workflows/prompt-evaluation.yml b/.github/workflows/prompt-evaluation.yml
@@ -0,0 +1,45 @@
+permissions:
+  contents: read
+name: 'Prompt Evaluation'
+
+on:
+  workflow_dispatch:
+    inputs:
+      prompt_file:
+        description: 'Path to the prompt file (e.g., data/prompts/default.yaml)'
+        required: true
+        default: 'data/prompts/default.yaml'
+      provider:
+        description: 'LLM provider to use (gemini, openai, ollama)'
+        required: true
+        default: 'gemini'
+      model:
+        description: 'Model name to use'
+        required: false
+
+jobs:
+  evaluate:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Setup Python Environment
+        uses: ./.github/actions/setup-python-env
+        with:
+          python-version: '3.11'
+
+      - name: Run prompt evaluation
+        env:
+          GOOGLE_GEMINI_API_KEY: ${{ secrets.GOOGLE_GEMINI_API_KEY }}
+          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
+          PYTHONPATH: .
+        run: |
+          python scripts/evaluate-prompt.py \
+            --prompt-file ${{ github.event.inputs.prompt_file }} \
+            --provider ${{ github.event.inputs.provider }} \
+            --model ${{ github.event.inputs.model }} \
+            --output-file prompt-output.txt
+
+      - name: Upload prompt output
+        uses: actions/upload-artifact@v4
+        with:
+          name: prompt-output-${{ github.event.inputs.provider }}-${{ github.event.inputs.model || 'default' }}
+          path: prompt-output.txt
diff --git a/.github/workflows/pylint.yml b/.github/workflows/pylint.yml
@@ -2,7 +2,8 @@ permissions:
   contents: read
 name: Pylint
 
-on: [push]
+on:
+  pull_request:
 
 jobs:
   build:
@@ -11,15 +12,10 @@ jobs:
       matrix:
         python-version: ["3.10", "3.11", "3.12" ]
     steps:
-    - uses: actions/checkout@v4
-    - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v3
+    - name: Setup Python Environment
+      uses: ./.github/actions/setup-python-env
       with:
         python-version: ${{ matrix.python-version }}
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        pip install pylint
     - name: Analysing the code with pylint
       run: |
         pylint $(git ls-files '*.py')
diff --git a/.github/workflows/python-docs.yml b/.github/workflows/python-docs.yml
@@ -16,15 +16,12 @@ jobs:
   build-docs:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - name: Set up Python
-        uses: actions/setup-python@v5
+      - name: Setup Python Environment
+        uses: ./.github/actions/setup-python-env
         with:
           python-version: '3.11'
-      - name: Install dependencies
-        run: |
-          python -m pip install --upgrade pip
-          pip install sphinx sphinx-autodoc-typehints
+          install-dev-reqs: 'false'
+          install-docs-reqs: 'true'
       - name: Generate Sphinx docs
         run: |
           sphinx-apidoc -o docs/ src/

diff --git a/.github/workflows/python-style.yml b/.github/workflows/python-style.yml
@@ -16,12 +16,9 @@ jobs:
   flake8-lint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - name: Set up Python
-        uses: actions/setup-python@v5
+      - name: Setup Python Environment
+        uses: ./.github/actions/setup-python-env
         with:
           python-version: '3.11'
-      - name: Install flake8
-        run: pip install flake8
       - name: Run flake8
         run: flake8 src/ --count --select=E9,F63,F7,F82 --show-source --statistics
diff --git a/.github/workflows/python-test-static.yml b/.github/workflows/python-test-static.yml
diff --git a/.github/workflows/python-test.yml b/.github/workflows/python-test.yml
@@ -20,26 +20,12 @@ jobs:
     name: Static analysis & unit tests (one python)
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - name: Set up Python
-        uses: actions/setup-python@v5
+      - name: Setup Python Environment
+        uses: ./.github/actions/setup-python-env
         with:
           python-version: '3.11'
-      - name: Cache pip
-        uses: actions/cache@v4
-        with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
-          restore-keys: |
-            ${{ runner.os }}-pip-
-      - name: Install dependencies for static
-        run: |
-          python -m pip install --upgrade pip
-          pip install -r requirements.txt
-          pip install pytest pytest-cov mypy
       - name: Run ruff (lint)
         run: |
-          python -m pip install ruff
           python -m ruff check src/
       - name: Run unit tests with coverage
         run: |
@@ -64,25 +50,10 @@ jobs:
       matrix:
         python-version: [3.11, 3.12]
     steps:
-      - uses: actions/checkout@v4
-      - name: Set up Python
-        uses: actions/setup-python@v4
+      - name: Setup Python Environment
+        uses: ./.github/actions/setup-python-env
         with:
           python-version: ${{ matrix.python-version }}
-      - name: Cache pip
-        uses: actions/cache@v4
-        with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-${{ matrix.python-version }}-${{ hashFiles('**/requirements.txt') }}
-          restore-keys: |
-            ${{ runner.os }}-pip-
-      - name: Install dependencies
-        run: |
-          python -m pip install --upgrade pip
-          python -m venv .venv_ci
-          . .venv_ci/bin/activate
-          pip install --upgrade pip setuptools wheel
-          pip install -r requirements.txt
       - name: Run tests
         env:
           PYTHONPATH: .
@@ -94,25 +65,10 @@ jobs:
     runs-on: ubuntu-latest
     needs: tests
     steps:
-      - uses: actions/checkout@v4
-      - name: Set up Python
-        uses: actions/setup-python@v4
+      - name: Setup Python Environment
+        uses: ./.github/actions/setup-python-env
         with:
-          python-version: 3.12
-      - name: Cache pip
-        uses: actions/cache@v4
-        with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-3.12-${{ hashFiles('**/requirements.txt') }}
-          restore-keys: |
-            ${{ runner.os }}-pip-
-      - name: Install test deps only
-        run: |
-          python -m pip install --upgrade pip
-          python -m venv .venv_ci
-          . .venv_ci/bin/activate
-          pip install --upgrade pip setuptools wheel
-          pip install pytest python-dotenv
+          python-version: '3.12'
       - name: Run deepagent unit tests
         env:
           PYTHONPATH: .
@@ -124,25 +80,14 @@ jobs:
     runs-on: ubuntu-latest
     if: github.event_name == 'workflow_dispatch'
     steps:
-      - uses: actions/checkout@v4
-      - name: Set up Python
-        uses: actions/setup-python@v4
+      - name: Setup Python Environment
+        uses: ./.github/actions/setup-python-env
         with:
-          python-version: 3.12
+          python-version: '3.12'
+          install-dev-reqs: 'false' # python-dotenv is in dev-reqs, but we want to install it manually
       - name: Install provider packages
         run: |
-          python -m pip install --upgrade pip
-          python -m venv .venv_ci
-          . .venv_ci/bin/activate
-          pip install --upgrade pip setuptools wheel
           pip install langchain-google-genai langchain-community langchain-ollama python-dotenv
-      - name: Cache pip for provider-smoke
-        uses: actions/cache@v4
-        with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-provider-smoke-${{ hashFiles('**/requirements.txt') }}
-          restore-keys: |
-            ${{ runner.os }}-pip-
       - name: Quick deepagent smoke (dry-run disabled)
         env:
           PYTHONPATH: .
@@ -157,22 +102,13 @@ jobs:
       matrix:
         provider: [gemini, openai, ollama]
     steps:
-      - uses: actions/checkout@v4
-      - name: Cache pip
-        uses: actions/cache@v4
-        with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-providers-${{ matrix.provider }}-${{ hashFiles('**/requirements.txt') }}
-          restore-keys: |
-            ${{ runner.os }}-pip-
-      - name: Set up Python
-        uses: actions/setup-python@v4
+      - name: Setup Python Environment
+        uses: ./.github/actions/setup-python-env
         with:
-          python-version: 3.12
+          python-version: '3.12'
+          install-dev-reqs: 'false'
       - name: Install provider packages
         run: |
-          python -m pip install --upgrade pip
-          pip install -r requirements.txt
           pip install langchain-google-genai langchain-community langchain-ollama
       - name: Run provider smoke for matrix provider
         env: