feat(scripts): add Python copyright header validation

[yash27-lab]

Added Python (.py) file support to the existing copyright header validation pipeline. Changes span the validation script, its Pester test suite, contributing documentation, and the Python coding-standards instructions file. Two commits from two contributors shape this PR: the original implementation adding .py to the scanner, and a follow-up adding negative test cases, documentation sections, and instruction file updates.

Script and Test Updates

Core validation change: the scanner now includes *.py in its default extension list, and the test suite covers Python-specific failure modes.

• Added *.py to the default FileExtensions parameter in Test-CopyrightHeaders.ps1 across three locations: parameter help text, script-level default, and function-level default
• Added three negative Python test cases in Test-CopyrightHeaders.Tests.ps1 using inline InlineData fixtures: missing-copyright.py, missing-spdx.py, and headers-too-late.py
• Added one positive test confirming the default extension list includes Python files
• Updated README.md (scripts/linting) to mention Python scripts and .py files in the purpose description and feature list

Documentation

• Added a Python Files subsection under both Header Format and Placement Rules in copyright-headers.md, documenting the #-prefixed copyright and SPDX header format and ordering relative to shebang lines and PEP 723 metadata blocks

Copilot Instructions

• Inserted copyright header (item 2) and SPDX identifier (item 3) into the file ordering list in python-script.instructions.md, shifted PEP 723 to item 4, and renumbered remaining items to 14
• Updated the PEP 723 placement text to reference copyright and SPDX headers, and added those lines to the PEP 723 code example

Related Issue(s)

Related to #883

Type of Change

Select all that apply:

Code & Documentation:

• Bug fix (non-breaking change fixing an issue)
• New feature (non-breaking change adding functionality)
• Breaking change (fix or feature causing existing functionality to change)
• Documentation update

Infrastructure & Configuration:

• GitHub Actions workflow
• Linting configuration (markdown, PowerShell, etc.)
• Security configuration
• DevContainer configuration
• Dependency update

AI Artifacts:

• Reviewed contribution with prompt-builder agent and addressed all feedback
• Copilot instructions (.github/instructions/*.instructions.md)
• Copilot prompt (.github/prompts/*.prompt.md)
• Copilot agent (.github/agents/*.agent.md)
• Copilot skill (.github/skills/*/SKILL.md)

Note for AI Artifact Contributors:

• Agents: Research, indexing/referencing other project (using standard VS Code GitHub Copilot/MCP tools), planning, and general implementation agents likely already exist. Review .github/agents/ before creating new ones.
• Skills: Must include both bash and PowerShell scripts. See Skills.
• Model Versions: Only contributions targeting the latest Anthropic and OpenAI models will be accepted. Older model versions (e.g., GPT-3.5, Claude 3) will be rejected.
• See Agents Not Accepted and Model Version Requirements.

Other:

• Script/automation (.ps1, .sh, .py)
• Other (please describe):

Sample Prompts (for AI Artifact Contributions)

User Request:
"Add copyright and SPDX headers to my Python script" or "Validate copyright headers in Python files."

Execution Flow:

1. Agent reads python-script.instructions.md and applies file ordering rules: shebang → copyright → SPDX → PEP 723 → module docstring → imports.
2. For validation: agent or script runs Test-CopyrightHeaders.ps1 with default extensions (now including *.py), scanning for copyright and SPDX lines within the first 15 lines.
3. Missing or misplaced headers are flagged with line-specific error messages.

Output Artifacts:

• Python files with correctly ordered headers (copyright at line 1 or 2, SPDX immediately after)
• Validation reports from Test-CopyrightHeaders.ps1 listing pass/fail per scanned file

Success Indicators:

• npm run validate:copyright passes with zero failures for Python files
• All 28 Pester tests pass including the 4 new Python-specific cases

For detailed contribution requirements, see:

• Common Standards: docs/contributing/ai-artifacts-common.md - Shared standards for XML blocks, markdown quality, RFC 2119, validation, and testing
• Agents: docs/contributing/custom-agents.md - Agent configurations with tools and behavior patterns
• Prompts: docs/contributing/prompts.md - Workflow-specific guidance with template variables
• Instructions: docs/contributing/instructions.md - Technology-specific standards with glob patterns
• Skills: docs/contributing/skills.md - Task execution utilities with cross-platform scripts

Testing

Automated validation performed by the agent:

Check	Command	Result
Markdown linting	npm run lint:md	✅ 0 errors
Spell checking	npm run spell-check	✅ 0 issues
Frontmatter validation	npm run lint:frontmatter	✅ Passed
Skill validation	npm run validate:skills	✅ 2 skills, 0 errors
Link validation	npm run lint:md-links	⚠️ Pre-existing SUPPORT.md failure (unrelated)
PowerShell analysis	npm run lint:ps	✅ All files passed
Plugin freshness	npm run plugin:generate	✅ No uncommitted changes

Additional testing:

• Pester tests: 28/28 tests passed, including 4 new Python-specific cases (3 negative, 1 positive)
• Security analysis: No secrets, credentials, privilege escalation, or dependency additions detected in the diff
• Manual testing was not performed

Checklist

Required Checks

• Documentation is updated (if applicable)
• Files follow existing naming conventions
• Changes are backwards compatible (if applicable) (N/A — additive changes only; no existing behavior modified)
• Tests added for new functionality (if applicable)

AI Artifact Contributions

• Used /prompt-analyze to review contribution
• Addressed all feedback from prompt-builder review
• Verified contribution follows common standards and type-specific requirements

Required Automated Checks

The following validation commands must pass before merging:

• Markdown linting: npm run lint:md
• Spell checking: npm run spell-check
• Frontmatter validation: npm run lint:frontmatter
• Skill structure validation: npm run validate:skills
• Link validation: npm run lint:md-links (pre-existing SUPPORT.md failure; unrelated to this PR)
• PowerShell analysis: npm run lint:ps
• Plugin freshness: npm run plugin:generate

Security Considerations

• This PR does not contain any sensitive or NDA information
• Any new dependencies have been reviewed for security issues (N/A — no dependency changes)
• Security-related scripts follow the principle of least privilege (N/A — no security scripts modified)

Additional Notes

This PR was contributed by @yash27-lab with maintainer-added test coverage, documentation, and instruction updates to close the gaps identified during review.

[WilliamBerryiii]

Thanks for this PR, @yash27-lab! Great work adding Python support to the copyright header validation. 🎉

I pushed a follow-up commit (f71ae96) to your branch that builds on your changes with a few additions:

• Negative test fixtures — Added 3 Pester tests for Python files with missing copyright, missing SPDX, and headers placed too late in the file (mirrors the existing PowerShell negative tests).
• Copyright headers documentation — Added a "Python Files" section under Header Format and Python-specific placement rules to docs/contributing/copyright-headers.md.
• Python script instructions — Updated the file ordering in .github/instructions/coding-standards/python-script.instructions.md to include copyright/SPDX headers after the shebang, and updated the PEP 723 inline metadata example and placement text accordingly.

All 28 tests pass. Let me know if you have any questions about the changes!

[yash27-lab]

thanks bill really appreciate the follow up changes and the extra test and docs coverage i reviewed the updates and they look good to me no questions from my side

…

On Thu, Mar 5, 2026 at 7:44 PM Bill Berry ***@***.***> wrote: *WilliamBerryiii* left a comment (microsoft/hve-core#905) <#905 (comment)> Thanks for this PR, @yash27-lab <https://github.com/yash27-lab>! Great work adding Python support to the copyright header validation. 🎉 I pushed a follow-up commit (f71ae96) to your branch that builds on your changes with a few additions: - *Negative test fixtures* — Added 3 Pester tests for Python files with missing copyright, missing SPDX, and headers placed too late in the file (mirrors the existing PowerShell negative tests). - *Copyright headers documentation* — Added a "Python Files" section under Header Format and Python-specific placement rules to docs/contributing/copyright-headers.md. - *Python script instructions* — Updated the file ordering in .github/instructions/coding-standards/python-script.instructions.md to include copyright/SPDX headers after the shebang, and updated the PEP 723 inline metadata example and placement text accordingly. All 28 tests pass. Let me know if you have any questions about the changes! — Reply to this email directly, view it on GitHub <#905 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ANBNCIRICEERX5KFBZNLUQ34PINNFAVCNFSM6AAAAACWI3P7M6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHM2DAMBYG4ZTKOJZGQ> . You are receiving this because you were mentioned.Message ID: ***@***.***>

[WilliamBerryiii]

PR Title and Description Updated

The following changes were made to this pull request:

Title — Updated to conventional commit format: feat(scripts): add Python copyright header validation

Description — Rewritten using the repository PR template with:

• Structured change summary organized by significance (Script/Test Updates, Documentation, Copilot Instructions)
• Auto-detected change types: New feature, Documentation update, Copilot instructions, Script/automation
• Populated Sample Prompts section with user request, execution flow, output artifacts, and success indicators
• Testing table with results from 7 automated validation checks (lint:md, spell-check, lint:frontmatter, validate:skills, lint:md-links, lint:ps, plugin:generate)
• Checklist checkboxes completed per automated check results; N/A items annotated
• Pester results (28/28 pass) noted in the testing section

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 85.95%. Comparing base (68479d9) to head (a32748d).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #905   +/-   ##
=======================================
  Coverage   85.95%   85.95%           
=======================================
  Files          27       27           
  Lines        5185     5185           
=======================================
  Hits         4457     4457           
  Misses        728      728           

Flag	Coverage Δ
pester	85.95% <100.00%> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
scripts/linting/Test-CopyrightHeaders.ps1	88.99% <100.00%> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[yash27-lab]

Thanks bill

…

On Fri, Mar 6, 2026 at 9:05 PM Bill Berry ***@***.***> wrote: Merged #905 <#905> into main. — Reply to this email directly, view it on GitHub <#905 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ANBNCIRRZOKKSXQKG6MEN4L4PN7WZAVCNFSM6AAAAACWI3P7M6VHI2DSMVQWIX3LMV45UABCJFZXG5LFIV3GK3TUJZXXI2LGNFRWC5DJN5XDWMRTGM2DSNRVGEZDOMA> . You are receiving this because you were mentioned.Message ID: ***@***.***>