Root Cause
.github/workflows/copilot-setup-steps.yml only installs the gh-aw CLI extension. It does not install uv or the project's Python dependencies. As a result, when the Copilot coding agent runs in its sandbox environment, every project tool fails:
$ uv run pytest ... → bash: uv: command not found
$ uv run ruff check . → bash: uv: command not found
$ uv run pyright → bash: uv: command not found
$ make check → all targets use uv run ...
This means the agent cannot:
- Run the test suite to check correctness
- Run
pyright to catch type errors before committing
- Run
ruff to catch lint violations
- Run
bandit for security checks
- Execute
make check (the recommended pre-push check from CODING_GUIDELINES.md)
Impact
The agent generates code changes but cannot verify them locally — it must rely entirely on CI feedback after pushing. This increases the rate of back-and-forth fix cycles and reduces code quality for agent-generated PRs. Every issue-implementer, ci-fixer, and code-health workflow invocation is affected.
Fix
Add steps to copilot-setup-steps.yml to install uv and sync project dependencies:
- name: Install uv
uses: astral-sh/setup-uv@v5
- name: Install Python dependencies
run: uv sync --group dev
uv sync --group dev installs both runtime dependencies (pydantic, click, rich, loguru, watchdog) and dev dependencies (pytest, pytest-cov, pyright, ruff, bandit, diff-cover) as declared in pyproject.toml and locked in uv.lock. After this step, make check and all individual uv run ... commands work correctly.
Testing Requirement
There is no unit test for copilot-setup-steps.yml itself (it is a GitHub Actions workflow). Verification is done by:
- Triggering the
copilot-setup-steps workflow and confirming uv --version and python -c "import pydantic" succeed in the agent's environment.
- Confirming that a subsequent Copilot agent invocation can run
make check without errors about missing tools.
Generated by Code Health Analysis · ● 3.1M · ◷
Root Cause
.github/workflows/copilot-setup-steps.ymlonly installs thegh-awCLI extension. It does not installuvor the project's Python dependencies. As a result, when the Copilot coding agent runs in its sandbox environment, every project tool fails:This means the agent cannot:
pyrightto catch type errors before committingruffto catch lint violationsbanditfor security checksmake check(the recommended pre-push check fromCODING_GUIDELINES.md)Impact
The agent generates code changes but cannot verify them locally — it must rely entirely on CI feedback after pushing. This increases the rate of back-and-forth fix cycles and reduces code quality for agent-generated PRs. Every issue-implementer, ci-fixer, and code-health workflow invocation is affected.
Fix
Add steps to
copilot-setup-steps.ymlto installuvand sync project dependencies:uv sync --group devinstalls both runtime dependencies (pydantic, click, rich, loguru, watchdog) and dev dependencies (pytest, pytest-cov, pyright, ruff, bandit, diff-cover) as declared inpyproject.tomland locked inuv.lock. After this step,make checkand all individualuv run ...commands work correctly.Testing Requirement
There is no unit test for
copilot-setup-steps.ymlitself (it is a GitHub Actions workflow). Verification is done by:copilot-setup-stepsworkflow and confirminguv --versionandpython -c "import pydantic"succeed in the agent's environment.make checkwithout errors about missing tools.