-
Notifications
You must be signed in to change notification settings - Fork 0
Sprint 08 Docs and CI hardening
This page was migrated from the paxman repositorys docs/sprints/ folder as part of the Sprint 11 repo springclean. The original git history is preserved in the paxman repo (commit 3121eb2 and earlier).
Duration: 2 weeks Goal: Build the documentation site (concepts + how-tos), add community files (CONTRIBUTING, CODE_OF_CONDUCT), harden CI (import-linter, pyright, interrogate, bandit, pip-audit as required checks), and ensure the README quickstart is verified end-to-end. Status: This is the sprint where Paxman becomes a polished, contribution-ready project. By end of sprint, a new contributor can ship a PR in <30 minutes.
-
docs/concepts/contracts.md— what contracts are, canonicalization, adapters, validation -
docs/concepts/capabilities.md— capability model, V1 surface, providers -
docs/concepts/planning.md— field-centric planning, heuristic chain, budget/policy -
docs/concepts/reconciliation.md— truth layers, merging, confidence, conflict -
docs/concepts/replay.md— replay hash, replay protocol, version compatibility -
docs/howto/add_adapter.md— step-by-step perEXTENDING.md§1 -
docs/howto/add_capability.md— perEXTENDING.md§2 -
docs/howto/add_inference_provider.md— perEXTENDING.md§3 -
docs/howto/replay_artifact.md— quick start -
docs/concepts/MIGRATION_GUIDE.md— for users moving from ad-hoc normalization to Paxman (skeleton, fill in V2 if time permits)
-
CONTRIBUTING.md— perDEVELOPMENT.md§11 -
CODE_OF_CONDUCT.md— Contributor Covenant v2.1 -
CHANGELOG.md— fill in[Unreleased]with v0.1.0, v0.2.0, ... entries (perDEVELOPMENT.md§10.2) .github/ISSUE_TEMPLATE/bug_report.md.github/ISSUE_TEMPLATE/feature_request.md.github/PULL_REQUEST_TEMPLATE.md
- Quickstart verified end-to-end (manual smoke by an engineer with a clean environment)
- Badges: CI status, PyPI version, license, Python versions
- "What Paxman is NOT" section (per
README.md§"What Paxman is NOT") - "When to use Paxman" vs "When to wrap Paxman"
- GitHub Actions CI: add
pyrightjob (cross-validation) - Add
interrogatecheck (100% docstring coverage on public surface) - Add
banditcheck (security lint) - Add
pip-auditcheck (dependency vulnerabilities) - Branch protection on
main(requires CI to pass; configured by repo admin) -
Makefiletargets verified:make ciruns all 9 CI checks
-
pyrightconfig.json(perPACKAGE_STRUCTURE.md§17.2) -
import-linterfull contract: all subsystem-layer rules -
interrogateconfiguration: 100% onsrc/paxman/api/andsrc/paxman/__init__.py
- Performance optimization (Sprint 9).
- PyPI publish (Sprint 10).
- External user validation (Sprint 10).
- Trusted publishing setup (Sprint 9).
- Mutation testing (V2).
| ID | Deliverable | Effort (id-ed) |
|---|---|---|
| D8.1 | docs/concepts/contracts.md |
2.0 |
| D8.2 | docs/concepts/capabilities.md |
1.5 |
| D8.3 | docs/concepts/planning.md |
1.5 |
| D8.4 | docs/concepts/reconciliation.md |
1.5 |
| D8.5 | docs/concepts/replay.md |
1.0 |
| D8.6 | docs/howto/add_adapter.md |
1.0 |
| D8.7 | docs/howto/add_capability.md |
1.0 |
| D8.8 | docs/howto/add_inference_provider.md |
1.0 |
| D8.9 | docs/howto/replay_artifact.md |
0.5 |
| D8.10 |
docs/concepts/MIGRATION_GUIDE.md (skeleton) |
0.5 |
| D8.11 | CONTRIBUTING.md |
1.0 |
| D8.12 |
CODE_OF_CONDUCT.md (Contributor Covenant v2.1) |
0.5 |
| D8.13 |
CHANGELOG.md (Keep a Changelog, filled in) |
0.5 |
| D8.14 | .github/ISSUE_TEMPLATE/bug_report.md |
0.3 |
| D8.15 | .github/ISSUE_TEMPLATE/feature_request.md |
0.3 |
| D8.16 | .github/PULL_REQUEST_TEMPLATE.md |
0.3 |
| D8.17 |
README.md updates: badges, quickstart verification, "What Paxman is NOT" |
0.5 |
| D8.18 | pyrightconfig.json |
0.3 |
| D8.19 | GitHub Actions CI: add pyright job |
0.5 |
| D8.20 | GitHub Actions CI: add interrogate job |
0.3 |
| D8.21 | GitHub Actions CI: add bandit job |
0.3 |
| D8.22 | GitHub Actions CI: add pip-audit job |
0.3 |
| D8.23 |
import-linter full contract (all subsystem-layer rules) |
1.0 |
| D8.24 | Branch protection on main (admin action) |
0.2 |
| D8.25 |
Makefile: verify all targets work |
0.3 |
| D8.26 | Update docs/adr/README.md to point to sprint-08-license-decision.md
|
0.1 |
Total: ~17.2 id-ed. Sized for 2 engineers × 2 weeks (1 on docs, 1 on CI/community).
| Type | Item | Notes |
|---|---|---|
| People | 2 engineers (1 technical writer, 1 DevOps-leaning dev) | Parallel: docs + CI |
| Tools | All Sprint 1-7 deps; bandit, pip-audit, interrogate, pyright (new dev deps) |
Install this sprint |
| Tests | All Sprint 1-7 deliverables | Done |
| External | GitHub repo admin access (for branch protection); Contributor Covenant license (CC-BY-4.0) | Standard |
| Docs | All existing *.md files; EXTENDING.md; SECURITY.md; TESTING_STRATEGY.md
|
Reference material |
| Tool | Version | Purpose | Notes |
|---|---|---|---|
| pyright | ≥ 1.1 | Type check (cross-validation) | Already planned; new dev dep |
| interrogate | ≥ 1.7 | Docstring coverage | Already planned |
| bandit | latest | Security lint | Already planned |
| pip-audit | latest | Dependency vulnerability scan | Already planned |
| sphinx | latest | (Optional) Docs site build | V2; Sprint 8 uses Markdown directly |
None. Branch protection is configured in GitHub UI; no API key needed.
- All 5
docs/concepts/docs exist and are linked fromREADME.mdanddocs/README.md. - All 4
docs/howto/docs exist and are linked fromREADME.mdandEXTENDING.md. -
CONTRIBUTING.md,CODE_OF_CONDUCT.md,CHANGELOG.mdexist and are linked fromREADME.md. - The 3 GitHub issue/PR templates are present and visible when opening a new issue/PR.
-
pyrightpasses on the public surface. -
interrogatereports 100% onsrc/paxman/api/andsrc/paxman/__init__.py. -
banditis clean. -
pip-auditis clean (no Critical/High CVEs in dev or prod deps). - Branch protection on
mainrequires CI to pass. -
make ciruns all 9 CI checks end-to-end (lint, format, mypy, pyright, import-linter, test, interrogate, bandit, pip-audit). - The README quickstart is verified end-to-end by a clean-environment manual smoke test.
- A new contributor can:
- Fork the repo
- Run
make install - Open a PR with a doc typo
- Pass all 9 CI checks
- Get a review and merge
In <30 minutes (per
DEVELOPMENT.md§11).
-
make ciis green.
| Risk | Likelihood | Impact | Mitigation |
|---|---|---|---|
| Docs are written but the underlying code is wrong, so the docs are wrong | Low | High | Docs PR must include a code snippet that runs (test the snippet in CI). |
interrogate 100% gate is too strict for new code |
Low | Medium | Allow # noqa: D for tests only. The gate is on src/paxman/, not tests/. |
pyright and mypy disagree on a specific construct |
Medium | Medium | Pick one as the source of truth (mypy). The other (pyright) is for cross-validation; fix pyright errors as a separate pass. |
bandit flags a false positive (e.g., assert in tests) |
Low | Low | Use # nosec with a justification. Or, in pyproject.toml, configure bandit to skip tests. |
pip-audit finds a CVE in a dev dep |
Medium | Medium | Upgrade the dev dep. If no upgrade available, use a pip-audit ignore with a justification. Block on Critical/High only. |
| Branch protection is misconfigured and blocks legitimate PRs | Low | High | Test the branch protection with a throwaway PR first. Document the protection rules in CONTRIBUTING.md. |
CODE_OF_CONDUCT.md is not the latest version of Contributor Covenant |
Low | Low | Use v2.1 (the most recent stable version as of 2026). |
CHANGELOG.md becomes inconsistent across versions |
Low | Medium | Adopt a strict format: every version has ### Added, ### Changed, ### Deprecated, ### Removed, ### Fixed, ### Security sections (per DEVELOPMENT.md §10.2). Add a release checklist. |
make ci is too slow (>10 min) |
Low | Low | Cache uv install in CI. Use matrix strategy to split slow jobs. |
| A new contributor's first PR is rejected for style/structure | Low | Medium | Pre-brief the team on the ADR-driven workflow. The PR template explicitly references docs/adr/README.md. |
-
../V1_ACCEPTANCE_CRITERIA.md§2.4 (Documentation), §3.2 (Release), §3.3 (Repository), §4 (Documentation criteria). -
../DEVELOPMENT.md§10, §11. -
../EXTENDING.md— content fordocs/howto/. -
../ARCHITECTURE.md— content fordocs/concepts/. -
../REPLAY_AND_DETERMINISM.md— content fordocs/concepts/replay.md. -
../SECURITY.md— content forCONTRIBUTING.md(vulnerability reporting section). -
../TESTING_STRATEGY.md§11 — CI configuration reference. -
../docs/adr/README.md— MADR template for new ADRs.