chore: add ruff linter and pyright for Python test code

[Molter73]

Description

This add linter checks via ruff and static type analysis with pyright. In order to make it easier to review, there are 2 commits in this PR:

• First one adds the required bits for running ruff and pyright, both on CI and locally.
• Second one fixes all reported issues.

Most of the issues were pretty trivial and were fixed with ruff check --fix, most invasive change is adding type annotations to all functions and methods so pyright can work properly.

Checklist

• Patch has a change log entry OR does not need one.
• Investigated and inspected CI test results
• Updated documentation accordingly

Automated testing

• Added unit tests
• Added integration tests
• Added regression tests

If any of these don't apply, please comment below.

Testing Performed

Run the new make targets locally.

Summary by CodeRabbit

Release Notes

• Chores
  • Integrated automated linting and type checking into the CI pipeline for continuous validation of test code quality.
  • Added comprehensive type annotations across all integration tests to improve code robustness and maintainability.

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

🗂️ Base branches to auto review (2)

• main
• ^release-*$

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Enterprise

Run ID: 4616278e-eaa2-4e12-b112-d814fdcb4e95

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• ✅ Review completed - (🔄 Check again to review again)

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch mauro/chore/add-test-linter

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 27.96%. Comparing base (1f487b9) to head (9bc97b4).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #784   +/-   ##
=======================================
  Coverage   27.96%   27.96%           
=======================================
  Files          21       21           
  Lines        2596     2596           
  Branches     2596     2596           
=======================================
  Hits          726      726           
  Misses       1867     1867           
  Partials        3        3           

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

tests/event.py (1)

282-296: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Missing guard for None expected values.

The _diff_path method now accepts expected: str | Pattern[str] | None, but when expected is None, the current implementation will incorrectly record a diff. Line 295 evaluates None != actual as True (since actual is a string), causing an unwanted diff entry.

If expected is None, the intent is likely to skip validation entirely (e.g., when the test doesn't care about old_file or old_host_path in rename events). Add an early return when expected is None.

🛡️ Proposed fix

 def _diff_path(
     cls,
     diff: dict,
     name: str,
     expected: str | Pattern[str] | None,
     actual: str,
 ):
     """
     Compare paths with regex pattern support.
     """
+    if expected is None:
+        return
     if isinstance(expected, Pattern):
         if not expected.match(actual):
             diff[name] = {'expected': f'{expected}', 'actual': actual}
     elif expected != actual:
         diff[name] = {'expected': expected, 'actual': actual}

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/event.py` around lines 282 - 296, The _diff_path method incorrectly
treats expected=None as a mismatch; update the function (named _diff_path) to
early-return when expected is None so no diff is recorded for unspecified
expectations, e.g., add a guard "if expected is None: return" at the start of
the method before the Pattern check so only strings or regex patterns are
validated and diff[name] is only set for real mismatches.

🧹 Nitpick comments (1)

.github/workflows/ci.yml (1)

102-117: 💤 Low value

Consider adding explicit permissions and disabling credential persistence.

The static analysis tool flagged potential security improvements for this job:

• No explicit permissions: block (defaults to broad permissions)
• persist-credentials: false not set in checkout action

While these are low-risk for a lint-only job without secrets, adding explicit minimal permissions follows security best practices.

🔒 Suggested hardening

  lint-tests:
    runs-on: ubuntu-24.04
+   permissions:
+     contents: read
    steps:
    - uses: actions/checkout@v4
      with:
        submodules: true
+       persist-credentials: false

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ci.yml around lines 102 - 117, The lint-tests job lacks
explicit permissions and doesn't disable credential persistence; update the job
"lint-tests" to add a minimal permissions: block (e.g., set contents: read and
other required actions to least privilege) and modify the actions/checkout step
by adding persist-credentials: false to prevent token persistence; ensure these
changes are applied within the lint-tests job definition to harden the workflow
while keeping the job's existing steps (setup-python, Lint commands) unchanged.

Source: Linters/SAST tools

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@tests/event.py`:
- Around line 282-296: The _diff_path method incorrectly treats expected=None as
a mismatch; update the function (named _diff_path) to early-return when expected
is None so no diff is recorded for unspecified expectations, e.g., add a guard
"if expected is None: return" at the start of the method before the Pattern
check so only strings or regex patterns are validated and diff[name] is only set
for real mismatches.

---

Nitpick comments:
In @.github/workflows/ci.yml:
- Around line 102-117: The lint-tests job lacks explicit permissions and doesn't
disable credential persistence; update the job "lint-tests" to add a minimal
permissions: block (e.g., set contents: read and other required actions to least
privilege) and modify the actions/checkout step by adding persist-credentials:
false to prevent token persistence; ensure these changes are applied within the
lint-tests job definition to harden the workflow while keeping the job's
existing steps (setup-python, Lint commands) unchanged.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Enterprise

Run ID: 1c591760-7cb3-4f5b-aad6-468fd5141754

📥 Commits

Reviewing files that changed from the base of the PR and between 1f487b9 and 9bc97b4.

📒 Files selected for processing (27)

• .github/workflows/ci.yml
• CHANGELOG.md
• Makefile
• ruff.toml
• tests/Makefile
• tests/conftest.py
• tests/event.py
• tests/pyrightconfig.json
• tests/ruff.toml
• tests/server.py
• tests/test_config_hotreload.py
• tests/test_editors/commons.py
• tests/test_editors/test_nvim.py
• tests/test_editors/test_sed.py
• tests/test_editors/test_vi.py
• tests/test_editors/test_vim.py
• tests/test_file_open.py
• tests/test_misc.py
• tests/test_path_chmod.py
• tests/test_path_chown.py
• tests/test_path_mkdir.py
• tests/test_path_rename.py
• tests/test_path_rmdir.py
• tests/test_path_unlink.py
• tests/test_rate_limit.py
• tests/test_wildcard.py
• tests/utils.py

💤 Files with no reviewable changes (1)

• ruff.toml

[ovalenti]

LGTM ! 🚀