diff --git a/.github/copilot/instructions.md b/.github/copilot/instructions.md new file mode 100644 index 0000000..8491ff2 --- /dev/null +++ b/.github/copilot/instructions.md 
@@ -0,0 +1,35 @@ +# GitHub Copilot Code Review Instructions + +## Overview +These instructions guide code review analysis for pull requests, focusing on security, style consistency, and documentation completeness. + +## Review Checklist + +### 1. Security Issues +- **Input Validation**: Verify that user inputs, external data, and file contents are properly validated and sanitized +- **Injection Attacks**: Check for SQL injection, command injection, and code injection vulnerabilities +- **Sensitive Data**: Ensure no hardcoded secrets, API keys, passwords, or sensitive credentials are exposed +- **Dependency Vulnerabilities**: Flag any deprecated or vulnerable dependencies +- **Access Control**: Verify proper authentication and authorization checks are in place +- **Error Handling**: Check that error messages don't leak sensitive information +- **File Operations**: Ensure safe file handling with proper path validation and permissions checks + +### 2. Style Consistency +- **Naming Conventions**: Check that variables, functions, and classes follow project naming conventions +- **Documentation**: Verify docstrings are present in the public API and follow project conventions +- **Consistency with Existing Code**: Ensure new code matches the style and patterns used elsewhere in the project + +### 3. 
Changelog Updates +- **Behavioral Changes**: Verify that any changes to existing functionality are documented in CHANGELOG.md +- **Public API Changes**: Ensure additions, modifications, or removals of public APIs are logged +- **Breaking Changes**: Flag breaking changes and verify they are clearly documented +- **New Features**: Confirm new features are added to the changelog +- **Bug Fixes**: Check that significant bug fixes are documented +- **Versioning**: Verify that version updates align with semantic versioning principles + +## Reporting +When reviewing code, provide clear feedback indicating: +- Which category the issue falls under (Security, Style, or Changelog) +- The specific concern or violation +- A suggestion for resolution where applicable +- Severity level (critical, high, medium, low) diff --git a/.instructions.md b/.instructions.md new file mode 100644 index 0000000..f1b48a2 --- /dev/null +++ b/.instructions.md @@ -0,0 +1,3 @@ +# GitHub Copilot Code Review Instructions + +- Load the instructions file from [.github/copilot/instructions.md](.github/copilot/instructions.md) diff --git a/CHANGELOG.md b/CHANGELOG.md index 78f41e0..a0bedad 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +### Changed + +- Update flake8-import-order to remove warnings from output (#305) + +## [0.5.0] - 2026-05-14 + ### Added - Add vim/neovim integration instructions to README (#205) - Add VSCode integration instructions to README (#222) 
@@ -275,7 +281,8 @@ Release pipeline was broken, retrigger push to pypi.org ### Added - Initial Release 🚀 -[Unreleased]: https://github.com/ni/python-styleguide/compare/v0.4.9...main +[Unreleased]: https://github.com/ni/python-styleguide/compare/v0.5.0...main +[0.5.0]: https://github.com/ni/python-styleguide/compare/v0.4.9...v0.5.0 [0.4.9]: https://github.com/ni/python-styleguide/compare/v0.4.8...v0.4.9 [0.4.8]: https://github.com/ni/python-styleguide/compare/v0.4.7...v0.4.8 [0.4.7]: https://github.com/ni/python-styleguide/compare/v0.4.6...v0.4.7
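Review bot: In .github/copilot/instructions.md the Overview names the third focus as "documentation completeness", but section 3 is titled "Changelog Updates" and the Reporting list offers only "Security, Style, or Changelog". Use one term in all three places so the category a reviewer reports matches the checklist. The "Documentation" bullet about docstrings sits under "Style Consistency", which adds to the ambiguity. The severity levels (critical, high, medium, low) are also listed without criteria; a one-line definition for each would make ratings comparable, especially for the items under "Security Issues".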
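Review bot: The new root .instructions.md holds only a bullet saying "Load the instructions file from" .github/copilot/instructions.md, and nothing in this patch shows that the review tool follows a markdown link to load a second file. If it does not, the whole checklist, security section included, is never applied and nothing reports that. Consider placing the checklist directly at the location the tool is documented to read and dropping the pointer file, or add a note in the PR describing how the indirection was verified. The pointer file's heading also duplicates the title of the file it points to.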
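Review bot: In the first CHANGELOG.md hunk, the new "Changed" entry cites a flake8-import-order update (#305), but no dependency or lock file change appears in this patch, and the "## [0.5.0] - 2026-05-14" heading is introduced without a visible version bump. Confirm that both are covered by other commits, or split the release heading into its own change so the changelog does not describe a state the tree is not in. The matching link hunk points "[Unreleased]" and "[0.5.0]" at a v0.5.0 tag, so those compare links will only resolve once that tag is pushed.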