Develop

[AuraMindNest]

Summary by CodeRabbit

• New Features

  • Added automated deployment pipeline via GitHub Actions with SSH support
  • Introduced QuickBook format support for translations
  • Added new configuration options for batch translation and deployment timeout settings

• Bug Fixes

  • Improved error handling and null-safety checks for translation operations
  • Enhanced file sync mechanisms for automated batch translations

• Documentation

  • Updated API specifications to include QuickBook format support

• Chores

  • Updated Docker deployment configuration and submodules
  • Removed local startup/shutdown scripts in favor of Docker-based deployment
  • Updated build and code quality configurations

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR introduces Docker-based CI/CD deployment infrastructure, adds support for the QuickBook format, refactors error handling and type annotations across weblate modules, removes legacy startup/shutdown scripts, consolidates backup script logic, and updates configuration files for REUSE license compliance.

Changes

Cohort / File(s)	Summary
CI/CD Infrastructure .github/workflows/cd.yml, .github/workflows/macos.yml	Added new manual GitHub Actions CD workflow for SSH-based Docker deployment with health checks; removed brew upgrade from macOS workflow.
Version Control & Submodules .gitmodules, scripts/spdx-license-list, weblate-docker	Added weblate-docker git submodule from CppDigest; updated SPDX license list and weblate-docker submodule pointers.
Configuration & Compliance .gitignore, REUSE.toml, codecov.yml, pyproject.toml	Updated .gitignore for egg-info and local scripts; added REUSE annotations for GPL-3.0-or-later compliance across workflows and scripts; set codecov patch coverage to informational; refined Ruff linting rules with targeted per-file ignores and extended typos identifier mappings.
Backup Scripts Refactoring scripts/backup/backup_from_server.sh, scripts/backup/dump_database.sh, scripts/backup/restore_to_local.sh	Converted post-command status checks to structured conditionals; consolidated multiple redirects into grouped brace blocks; switched from ls-based to find-based file discovery; added shellcheck directives; improved error handling with if...then...else patterns.
Backup Utility Scripts scripts/backup/recalculate_stats.py, scripts/backup/sync_database_to_files.py, scripts/backup/update_push_urls.py	Added GPL-3.0-or-later copyright headers and pylint directives; reformatted multi-line imports without changing runtime logic.
Setup Scripts scripts/auto/create_component_and_add_translation.py, scripts/auto/setup_project.py	Changed subprocess calls to use check=False for error handling via return codes; adjusted variable capture in setup_project.py; upgraded exception types to RuntimeError.
Legacy Script Removal start-weblate.sh, stop-weblate.sh	Removed entire startup/shutdown shell scripts that managed Weblate server and Celery worker processes via one-click commands.
Weblate Core Models weblate/settings_docker.py, weblate/trans/models/component.py, weblate/trans/tasks.py	Added weblate.boost_endpoint to installed apps and new OpenRouter/endpoint timeout settings; removed commented transaction code; refactored autobatch file-sync to use module-level imports; replaced HttpRequest with AuthenticatedHttpRequest in Celery tasks.
Weblate Endpoint & Services weblate/boost_endpoint/services.py, weblate/boost_endpoint/views.py	Strengthened type annotations with explicit list/dict typing; added TYPE_CHECKING imports for LanguageQuerySet; added null-guard for repo_owner in push operations; used argument expansion in git staging; added linter directives to method signatures without changing logic.
Format Handlers weblate/formats/asciidoc.py, weblate/formats/quickbook.py	AsciiDoc: refactored subprocess result naming, improved error reporting, added UTF-8 encoding specification. QuickBook: changed type signatures from `str
Translation Utilities weblate/trans/autobatchtranslate.py, weblate/utils/openrouter_translator.py, weblate/utils/quickbook.py	Updated copyright attribution; removed unused imports; simplified variable unpacking. OpenRouter: added null-check for message content and explicit retry exhaustion error. QuickBook: replaced tuple membership checks with set membership; normalized translation newlines at segment boundaries.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related PRs

• Feature/docker deploy #15 — Overlapping identical changes across CI/CD workflows, REUSE compliance, script removals, and weblate module edits indicate parallel or dependent work.
• 1. #3 : Develop a script to generate Weblate translation projects/com… #4 — Directly shares changes to boost_endpoint Django app, scripts/auto modules, and settings configuration indicating related feature development.

Suggested reviewers

• henry0816191
• wpak-ai

Poem

🐰 A rabbit hops through workflows bright,
Docker deployments, typed just right.
QuickBooks flow and formats new,
Old scripts fade, the future's true! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The PR title 'Develop' is extremely vague and does not convey any meaningful information about the changeset. It refers only to a branch name rather than describing the actual changes.	Replace the generic 'Develop' title with a descriptive summary of the main changes, such as 'Add CD deployment workflow and maintenance updates' or 'Integrate Docker deployment and tooling improvements'.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	Docstring coverage is 97.14% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch develop

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 9

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (3)

weblate/formats/asciidoc.py (1)

1-18: ⚠️ Potential issue | 🟠 Major

Missing from __future__ import annotations import.

The coding guidelines require this import for all Python files. Add it after the license header.

Proposed fix

 # Copyright © Boost Organization <boost@boost.org>
 #
 # SPDX-License-Identifier: GPL-3.0-or-later
 
+from __future__ import annotations
+
 """AsciiDoc file format support for Weblate (po4a-based)."""

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@weblate/formats/asciidoc.py` around lines 1 - 18, This file is missing the
required future import; add "from __future__ import annotations" immediately
after the license/header comment at the top of the module (before any other
imports) so that forward references use postponed evaluation—place it above the
existing imports (e.g., before os, pathlib, shutil) in the
weblate.formats.asciidoc module.

weblate/boost_endpoint/services.py (2)

142-152: ⚠️ Potential issue | 🟡 Minor

Preserve report_error() on clone failures.

Switching git clone to check=False means the common failure path now only logs and returns False. That drops the centralized error reporting this service otherwise uses for repository failures, which will make branch/auth/outage problems much harder to trace in production.

Suggested change

             if result.returncode != 0:
                 LOGGER.error("Failed to clone: %s", result.stderr)
+                report_error(cause="Boost component clone")
                 return False

Based on learnings, "Use weblate.utils.errors.report_error() for error handling and reporting."

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@weblate/boost_endpoint/services.py` around lines 142 - 152, The clone failure
path currently only logs and returns False after running subprocess.run with
check=False, which drops centralized reporting; update the error handling so
that when result.returncode != 0 you call weblate.utils.errors.report_error(...)
with the command, exit code and stderr (alongside the existing LOGGER.error
call) and then return False; locate the block around subprocess.run (variables
cmd and result) and ensure report_error is imported/used to preserve centralized
repository failure reporting.

---

694-700: ⚠️ Potential issue | 🟠 Major

Don't swallow a failed git status here.

With check=False, a broken repository state now looks the same as "no staged changes": the method skips commit/push and still counts the component as deleted. This should still fail the cleanup path or at least append an explicit error when git status returns non-zero.

Suggested change

                 status = subprocess.run(
                     ["git", "-C", base_path, "status", "--porcelain"],
                     capture_output=True,
                     text=True,
                     timeout=10,
-                    check=False,
+                    check=False,
                 )
+                if status.returncode != 0:
+                    raise subprocess.CalledProcessError(
+                        status.returncode,
+                        status.args,
+                        output=status.stdout,
+                        stderr=status.stderr,
+                    )
                 if status.stdout.strip():

As per coding guidelines, "Always use try/except for VCS operations and handle errors gracefully".

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@weblate/boost_endpoint/services.py` around lines 694 - 700, The
subprocess.run call performing git status (the invocation using ["git", "-C",
base_path, "status", "--porcelain"] with
capture_output/text/timeout/check=False) is currently swallowing failures; wrap
that call in a try/except and treat non-zero return codes as errors (or inspect
status.returncode) so the cleanup path does not silently proceed — on error
either raise or append a clear error to the component's error list/log and skip
marking the component as deleted; update the code around that subprocess.run
usage to use check=True or explicitly handle status.returncode != 0 and include
stderr in the error message so VCS failures are surfaced.

🧹 Nitpick comments (3)

weblate/formats/asciidoc.py (1)

65-68: Consider moving import to top level or using TYPE_CHECKING.

The import of STATE_FUZZY inside the method body works but is non-idiomatic. If this is to avoid circular imports, consider using TYPE_CHECKING guard or restructuring.

Move import to module level

 from weblate.formats.convert import ConvertFormat
 from weblate.utils.errors import report_error
+from weblate.utils.state import STATE_FUZZY

Then remove the inner import at line 65-66.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@weblate/formats/asciidoc.py` around lines 65 - 68, The code currently imports
STATE_FUZZY inside the function (near existing_unit/state check) which is
non-idiomatic; move the import of STATE_FUZZY to the module level in
weblate.formats.asciidoc (or, if this was to avoid a circular import, add the
import under a typing.TYPE_CHECKING guard and reference the symbol at runtime
via a local import only when necessary), then remove the inner import and keep
the existing_unit/state check and thepo.markfuzzy(True) as-is; ensure the import
references STATE_FUZZY exactly and that no circular import is introduced.

scripts/backup/recalculate_stats.py (1)

6-9: Consider adding from __future__ import annotations and type hints.

Per coding guidelines, Python files should use from __future__ import annotations for forward references, and type hints are required.

Suggested change

 #!/usr/bin/env python3
 # Copyright © Boost Organization <boost@boost.org>
 #
 # SPDX-License-Identifier: GPL-3.0-or-later

+from __future__ import annotations
+
 """Recalculate statistics for all components in a project."""

 import os
 import sys

And for the function signature:

-def recalculate_stats(project_slug):
+def recalculate_stats(project_slug: str) -> None:

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@scripts/backup/recalculate_stats.py` around lines 6 - 9, Add "from __future__
import annotations" at the top of scripts/backup/recalculate_stats.py and
annotate all function signatures and public variables with type hints (e.g.,
main(), recalculate_stats(), any helper functions and their parameters/returns)
using PEP 484 style; ensure imports for typing (Optional, List, Dict, Any, Path)
are added where used and update local variable annotations inside functions
(e.g., os/path-related variables) so the module complies with the project's
type-hinting guidelines.

.github/workflows/cd.yml (1)

1-13: Serialize deploy runs for this environment.

Two manual dispatches can currently race on the same host and interleave git pull / docker compose operations. Adding a workflow-level concurrency group avoids overlapping production deploys.

Suggested change

 name: CD
 
 on:
   workflow_dispatch:
+
+concurrency:
+  group: production-cd
+  cancel-in-progress: false
 
 # Restrict GITHUB_TOKEN to the minimum (Scorecard / OpenSSF); deploy uses SSH secrets, not the token.
 permissions:
   contents: read

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/cd.yml around lines 1 - 13, Add a workflow-level
concurrency block to the "CD" workflow to serialize deploy runs so manual
dispatches cannot overlap; add a top-level concurrency stanza (not inside job)
with a stable group name that identifies this environment (e.g.,
"cd-deploy-production" or use an expression like github.workflow + "-deploy")
and set cancel-in-progress to false so new manual dispatches queue rather than
cancel running jobs; ensure the concurrency block is present for the workflow
named "CD" that contains the "deploy" job.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/cd.yml:
- Around line 29-30: Remove the destructive docker compose down step and perform
an in-place atomic replacement by running only the reconciliation command (keep
or update the existing docker compose up -d --build invocation); specifically,
delete the "docker compose down" invocation and ensure the workflow uses "docker
compose up -d --build" (optionally adding flags like --remove-orphans or
--no-recreate if desired) so the live stack is not torn down before the new
containers are ready.

In `@scripts/auto/setup_project.py`:
- Around line 50-53: Validate and sanitize the repository URL and branch before
building and running the git clone command: ensure clone_url (repo_url) uses an
allowed scheme (e.g., https or ssh/git@) by parsing it (reject unsafe schemes
like file:, data:, or empty strings) and normalize/whitelist acceptable
patterns, and validate branch against a strict regex (allow letters, digits,
dot, underscore, hyphen, slash; disallow leading hyphen or slash and control
characters) and reject or raise ValueError/exit if invalid; update the code
around cmd/subprocess.run (references: cmd, clone_url, branch, target_dir,
subprocess.run) to perform these checks and only call subprocess.run when both
validations pass.

In `@scripts/backup/restore_to_local.sh`:
- Around line 45-47: The current DB_SQL and FILES_ARCHIVE assignments use "find
... | head -n1" which is nondeterministic; update both assignments (DB_SQL and
FILES_ARCHIVE) to sort the matching filenames by name (use a stable
numeric/version aware sort such as sort -V or lexicographic reverse sort) and
then pick the first entry so the newest timestamped filename is chosen
deterministically; keep the existing find and sed steps but insert a pipe to
sort (e.g. sort -V -r or sort -r) before head -n1.

In `@scripts/spdx-license-list`:
- Line 1: The submodule reference in scripts/spdx-license-list points to an
unreachable SHA (f7b69b12cf4c063d9c42c0c72945978c87f3192c) on the remote; fix by
updating the submodule to a reachable commit or pushing that commit to the
remote. Locate the submodule entry in scripts/spdx-license-list (and .gitmodules
if present), change the commit to a valid SHA from
https://github.com/spdx/license-list-data.git (or re-add the correct remote and
push the missing commit), then run the usual submodule update (git submodule
sync && git submodule update --init --recursive) and commit the updated
submodule reference.

In `@weblate-docker`:
- Line 1: The submodule pointer currently references commit
9ba5d7396580ccda8bd4e34f109e59831d60f5be which is not on the tracked main
branch; update the submodule to a commit that exists on the main branch (e.g.,
the current main tip 64db60c585d76e0bb9e86ca24f3e67bd7825181e) by entering the
submodule directory, fetching remote refs, checking out or fast-forwarding to
main, updating the worktree to the desired main commit, then git-add and commit
the updated submodule pointer in the parent repository (ensure .gitmodules still
tracks branch = main and push the parent repo commit).

In `@weblate/formats/quickbook.py`:
- Around line 110-125: The code currently logs a mismatch between tmpl_units and
trans_units using report_error but continues, leaving blank targets; change it
to abort the import by raising an exception after logging: in the block that
checks if len(tmpl_units) != len(trans_units) (and references tmpl_units,
trans_units, report_error, storefile_path, Path(storefile_path).name), call
report_error as now and then raise a descriptive exception (e.g., ValueError or
a custom ImportError) so the caller fails instead of returning a store with
empty targets; likewise ensure the outer except block that catches Exception as
exc still re-raises (after logging) so parse errors don’t get swallowed.

In `@weblate/settings_docker.py`:
- Around line 1497-1503: The new settings introduce nonconforming env names and
change the default sleep from 150s to 300s; rename the keys to follow the file's
WEBLATE_* convention (e.g., use WEBLATE_AUTO_BATCH_TRANSLATE_VIA_OPENROUTER and
WEBLATE_BOOST_ENDPOINT_ADD_TRANSLATION_SECONDS) and keep the default
BOOST_ENDPOINT_ADD_TRANSLATION_SECONDS value at 150 to preserve existing
behavior; update the get_env_bool/get_env_int calls that set
AUTO_BATCH_TRANSLATE_VIA_OPENROUTER and BOOST_ENDPOINT_ADD_TRANSLATION_SECONDS
accordingly so we don't alter the autobatch timing used by
add_new_language/time.sleep(ADD_TRANSLATION_SECONDS) in
weblate/boost_endpoint/services.py.

In `@weblate/trans/tasks.py`:
- Around line 822-825: When constructing the synthetic request (the
AuthenticatedHttpRequest instance) before invoking component methods, guard the
User.objects.get(pk=user_id) call against the user being deleted by catching the
User.DoesNotExist (or Exception) and leaving request as None; update the code
around AuthenticatedHttpRequest / request assignment so that if the lookup fails
you fall back to request = None (the component methods already accept
request=None). Apply the same change to the other similar block that creates the
synthetic request.

In `@weblate/utils/openrouter_translator.py`:
- Around line 142-150: The code currently only checks raw_content is None after
raw_content = completion.choices[0].message.content, but treats empty or
whitespace-only strings as valid and later fails in JSON parsing; update the
check so that after assigning raw_content you treat both None and
blank/whitespace-only values as invalid (e.g., if raw_content is None or not
raw_content.strip():), call self.log_error("Batch translation API returned empty
message content") and raise the same ValueError (or similar) before creating
response_text; this change should be applied in the method containing
raw_content/response_text handling in openrouter_translator.py so blank outputs
are rejected early.

---

Outside diff comments:
In `@weblate/boost_endpoint/services.py`:
- Around line 142-152: The clone failure path currently only logs and returns
False after running subprocess.run with check=False, which drops centralized
reporting; update the error handling so that when result.returncode != 0 you
call weblate.utils.errors.report_error(...) with the command, exit code and
stderr (alongside the existing LOGGER.error call) and then return False; locate
the block around subprocess.run (variables cmd and result) and ensure
report_error is imported/used to preserve centralized repository failure
reporting.
- Around line 694-700: The subprocess.run call performing git status (the
invocation using ["git", "-C", base_path, "status", "--porcelain"] with
capture_output/text/timeout/check=False) is currently swallowing failures; wrap
that call in a try/except and treat non-zero return codes as errors (or inspect
status.returncode) so the cleanup path does not silently proceed — on error
either raise or append a clear error to the component's error list/log and skip
marking the component as deleted; update the code around that subprocess.run
usage to use check=True or explicitly handle status.returncode != 0 and include
stderr in the error message so VCS failures are surfaced.

In `@weblate/formats/asciidoc.py`:
- Around line 1-18: This file is missing the required future import; add "from
__future__ import annotations" immediately after the license/header comment at
the top of the module (before any other imports) so that forward references use
postponed evaluation—place it above the existing imports (e.g., before os,
pathlib, shutil) in the weblate.formats.asciidoc module.

---

Nitpick comments:
In @.github/workflows/cd.yml:
- Around line 1-13: Add a workflow-level concurrency block to the "CD" workflow
to serialize deploy runs so manual dispatches cannot overlap; add a top-level
concurrency stanza (not inside job) with a stable group name that identifies
this environment (e.g., "cd-deploy-production" or use an expression like
github.workflow + "-deploy") and set cancel-in-progress to false so new manual
dispatches queue rather than cancel running jobs; ensure the concurrency block
is present for the workflow named "CD" that contains the "deploy" job.

In `@scripts/backup/recalculate_stats.py`:
- Around line 6-9: Add "from __future__ import annotations" at the top of
scripts/backup/recalculate_stats.py and annotate all function signatures and
public variables with type hints (e.g., main(), recalculate_stats(), any helper
functions and their parameters/returns) using PEP 484 style; ensure imports for
typing (Optional, List, Dict, Any, Path) are added where used and update local
variable annotations inside functions (e.g., os/path-related variables) so the
module complies with the project's type-hinting guidelines.

In `@weblate/formats/asciidoc.py`:
- Around line 65-68: The code currently imports STATE_FUZZY inside the function
(near existing_unit/state check) which is non-idiomatic; move the import of
STATE_FUZZY to the module level in weblate.formats.asciidoc (or, if this was to
avoid a circular import, add the import under a typing.TYPE_CHECKING guard and
reference the symbol at runtime via a local import only when necessary), then
remove the inner import and keep the existing_unit/state check and
thepo.markfuzzy(True) as-is; ensure the import references STATE_FUZZY exactly
and that no circular import is introduced.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: ec030e55-6fc1-4d7a-b25b-b16dd8fc9e2d

📥 Commits

Reviewing files that changed from the base of the PR and between 9a01d2e and d13f672.

⛔ Files ignored due to path filters (1)

• uv.lock is excluded by !**/*.lock

📒 Files selected for processing (30)

• .github/workflows/cd.yml
• .github/workflows/macos.yml
• .gitignore
• .gitmodules
• REUSE.toml
• codecov.yml
• docs/specs/openapi.yaml
• pyproject.toml
• scripts/auto/create_component_and_add_translation.py
• scripts/auto/setup_project.py
• scripts/backup/backup_from_server.sh
• scripts/backup/dump_database.sh
• scripts/backup/recalculate_stats.py
• scripts/backup/restore_to_local.sh
• scripts/backup/sync_database_to_files.py
• scripts/backup/update_push_urls.py
• scripts/spdx-license-list
• start-weblate.sh
• stop-weblate.sh
• weblate-docker
• weblate/boost_endpoint/services.py
• weblate/boost_endpoint/views.py
• weblate/formats/asciidoc.py
• weblate/formats/quickbook.py
• weblate/settings_docker.py
• weblate/trans/autobatchtranslate.py
• weblate/trans/models/component.py
• weblate/trans/tasks.py
• weblate/utils/openrouter_translator.py
• weblate/utils/quickbook.py

💤 Files with no reviewable changes (2)

• stop-weblate.sh
• start-weblate.sh