From 2e1138a83855860598ecb897d5e979ddabc5a1ef Mon Sep 17 00:00:00 2001 From: Hermes Agent Date: Tue, 12 May 2026 06:27:04 +0000 Subject: [PATCH 01/14] fix(ci): repair nightly deep assurance workflow --- .github/workflows/nightly-deep-assurance.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/nightly-deep-assurance.yml b/.github/workflows/nightly-deep-assurance.yml index d34d2685..ad7d570f 100644 --- a/.github/workflows/nightly-deep-assurance.yml +++ b/.github/workflows/nightly-deep-assurance.yml @@ -15,7 +15,7 @@ jobs: with: python-version: "3.12" cache: "pip" - - run: python -m pip install -e '.[dev,quality]' mutmut + - run: python -m pip install -e . pytest mutmut - run: python -m mutmut run --paths-to-mutate codewiki/src/enduser api_fuzz_and_contracts: @@ -27,7 +27,7 @@ jobs: with: python-version: "3.12" cache: "pip" - - run: python -m pip install -e '.[dev]' schemathesis + - run: python -m pip install -e . schemathesis - run: echo "No OpenAPI contract is currently published; add one to enable schemathesis targets." parser_fuzzing: @@ -46,7 +46,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: aquasecurity/trivy-action@0.30.0 + - uses: aquasecurity/trivy-action@v0.36.0 with: scan-type: fs scan-ref: . @@ -68,5 +68,5 @@ jobs: with: python-version: "3.12" cache: "pip" - - run: python -m pip install -e '.[dev]' pytest-repeat + - run: python -m pip install -e . pytest pytest-repeat - run: python -m pytest tests/test_enduser_review_e2e.py --count=5 -q From 068489e40d2d4c11a3a37abb8c1693546a997cef Mon Sep 17 00:00:00 2001 From: Hermes Agent Date: Tue, 12 May 2026 06:57:22 +0000 Subject: [PATCH 02/14] fix(ci): restore constrained nightly installs --- .github/workflows/nightly-deep-assurance.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/nightly-deep-assurance.yml b/.github/workflows/nightly-deep-assurance.yml index ad7d570f..9a6997a8 100644 --- a/.github/workflows/nightly-deep-assurance.yml +++ b/.github/workflows/nightly-deep-assurance.yml @@ -15,7 +15,7 @@ jobs: with: python-version: "3.12" cache: "pip" - - run: python -m pip install -e . pytest mutmut + - run: python -m pip install -e '.[dev,quality]' mutmut - run: python -m mutmut run --paths-to-mutate codewiki/src/enduser api_fuzz_and_contracts: @@ -27,7 +27,7 @@ jobs: with: python-version: "3.12" cache: "pip" - - run: python -m pip install -e . schemathesis + - run: python -m pip install -e '.[dev]' schemathesis - run: echo "No OpenAPI contract is currently published; add one to enable schemathesis targets." parser_fuzzing: @@ -68,5 +68,5 @@ jobs: with: python-version: "3.12" cache: "pip" - - run: python -m pip install -e . pytest pytest-repeat + - run: python -m pip install -e '.[dev]' pytest-repeat - run: python -m pytest tests/test_enduser_review_e2e.py --count=5 -q From f92244696c297cc76a48f77da1fbaa091b8400eb Mon Sep 17 00:00:00 2001 From: Hermes Agent Date: Tue, 12 May 2026 07:12:14 +0000 Subject: [PATCH 03/14] fix(ci): use uv for nightly assurance installs --- .github/workflows/nightly-deep-assurance.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/nightly-deep-assurance.yml b/.github/workflows/nightly-deep-assurance.yml index 9a6997a8..c657e04c 100644 --- a/.github/workflows/nightly-deep-assurance.yml +++ b/.github/workflows/nightly-deep-assurance.yml @@ -15,7 +15,8 @@ jobs: with: python-version: "3.12" cache: "pip" - - run: python -m pip install -e '.[dev,quality]' mutmut + - run: python -m pip install uv + - run: uv pip install --system -e . pytest pytest-cov mutmut - run: python -m mutmut run --paths-to-mutate codewiki/src/enduser api_fuzz_and_contracts: @@ -27,7 +28,8 @@ jobs: with: python-version: "3.12" cache: "pip" - - run: python -m pip install -e '.[dev]' schemathesis + - run: python -m pip install uv + - run: uv pip install --system -e . schemathesis - run: echo "No OpenAPI contract is currently published; add one to enable schemathesis targets." parser_fuzzing: @@ -68,5 +70,6 @@ jobs: with: python-version: "3.12" cache: "pip" - - run: python -m pip install -e '.[dev]' pytest-repeat + - run: python -m pip install uv + - run: uv pip install --system -e . pytest pytest-cov pytest-repeat - run: python -m pytest tests/test_enduser_review_e2e.py --count=5 -q From a40931ecf3b3b6cbeb423473af145382d2176dca Mon Sep 17 00:00:00 2001 From: Hermes Agent Date: Tue, 12 May 2026 07:15:25 +0000 Subject: [PATCH 04/14] fix(ci): configure mutmut path for nightly run --- .github/workflows/nightly-deep-assurance.yml | 2 +- pyproject.toml | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/nightly-deep-assurance.yml b/.github/workflows/nightly-deep-assurance.yml index c657e04c..dc85b811 100644 --- a/.github/workflows/nightly-deep-assurance.yml +++ b/.github/workflows/nightly-deep-assurance.yml @@ -17,7 +17,7 @@ jobs: cache: "pip" - run: python -m pip install uv - run: uv pip install --system -e . pytest pytest-cov mutmut - - run: python -m mutmut run --paths-to-mutate codewiki/src/enduser + - run: python -m mutmut run api_fuzz_and_contracts: name: api_fuzz_and_contracts diff --git a/pyproject.toml b/pyproject.toml index 8f8bda89..9ab0a5e9 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -160,6 +160,9 @@ source = ["codewiki"] show_missing = true skip_empty = true +[tool.mutmut] +paths_to_mutate = ["codewiki/src/enduser"] + [tool.bandit] exclude_dirs = ["tests", ".tmp_make", ".tmp_manual_review", ".tmp_manual_review_live"] targets = ["codewiki"] From 028cc24fa2a914a7615126eef75a7b1a882bbe54 Mon Sep 17 00:00:00 2001 From: Hermes Agent Date: Tue, 12 May 2026 07:29:43 +0000 Subject: [PATCH 05/14] fix(ci): raise litellm vulnerability floor --- pyproject.toml | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 9ab0a5e9..a74ed012 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -43,7 +43,7 @@ dependencies = [ "markdown-it-py>=3.0.0", "mcp>=1.23.0", "openai>=2.30.0", - "litellm>=1.83.0", + "litellm>=1.83.10", "pydantic>=2.11.7", "pydantic-settings>=2.10.1", "pydantic-ai>=1.56.0", diff --git a/requirements.txt b/requirements.txt index aac28461..275875a5 100644 --- a/requirements.txt +++ b/requirements.txt @@ -20,7 +20,7 @@ anthropic>=0.52.0 markdown-it-py>=3.0.0 mcp>=1.23.0 openai>=2.30.0 -litellm>=1.83.0 +litellm>=1.83.10 pydantic>=2.11.7 pydantic-settings>=2.10.1 pydantic-ai>=1.56.0 From 28b13bd4244906b0baffbe7e7fc6506af653b804 Mon Sep 17 00:00:00 2001 From: Hermes Agent Date: Tue, 12 May 2026 07:32:01 +0000 Subject: [PATCH 06/14] fix(ci): invoke mutmut via console script --- .github/workflows/nightly-deep-assurance.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nightly-deep-assurance.yml b/.github/workflows/nightly-deep-assurance.yml index dc85b811..58f966fa 100644 --- a/.github/workflows/nightly-deep-assurance.yml +++ b/.github/workflows/nightly-deep-assurance.yml @@ -17,7 +17,7 @@ jobs: cache: "pip" - run: python -m pip install uv - run: uv pip install --system -e . pytest pytest-cov mutmut - - run: python -m mutmut run + - run: mutmut run api_fuzz_and_contracts: name: api_fuzz_and_contracts From e1824826795af6843f32a97848a41a3456702fb2 Mon Sep 17 00:00:00 2001 From: Hermes Agent Date: Tue, 12 May 2026 07:36:50 +0000 Subject: [PATCH 07/14] fix(ci): restore nightly dependency resolution --- pyproject.toml | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index a74ed012..8d442f91 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -42,7 +42,7 @@ dependencies = [ "anthropic>=0.52.0", "markdown-it-py>=3.0.0", "mcp>=1.23.0", - "openai>=2.30.0", + "openai>=2.24.0", "litellm>=1.83.10", "pydantic>=2.11.7", "pydantic-settings>=2.10.1", diff --git a/requirements.txt b/requirements.txt index 275875a5..a017e1e1 100644 --- a/requirements.txt +++ b/requirements.txt @@ -19,7 +19,7 @@ tree-sitter-kotlin>=1.1.0 anthropic>=0.52.0 markdown-it-py>=3.0.0 mcp>=1.23.0 -openai>=2.30.0 +openai>=2.24.0 litellm>=1.83.10 pydantic>=2.11.7 pydantic-settings>=2.10.1 From f7c6fadc876c3506f78b18926c186a95b1774efd Mon Sep 17 00:00:00 2001 From: Hermes Agent Date: Tue, 12 May 2026 07:41:04 +0000 Subject: [PATCH 08/14] fix(deps): slim pydantic-ai extras for CI --- pyproject.toml | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 8d442f91..c18ec707 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -46,7 +46,7 @@ dependencies = [ "litellm>=1.83.10", "pydantic>=2.11.7", "pydantic-settings>=2.10.1", - "pydantic-ai>=1.56.0", + "pydantic-ai-slim[openai]>=1.56.0", "requests>=2.33.0", "tiktoken>=0.8.0", "python-dotenv>=1.1.1", diff --git a/requirements.txt b/requirements.txt index a017e1e1..61c30767 100644 --- a/requirements.txt +++ b/requirements.txt @@ -23,7 +23,7 @@ openai>=2.24.0 litellm>=1.83.10 pydantic>=2.11.7 pydantic-settings>=2.10.1 -pydantic-ai>=1.56.0 +pydantic-ai-slim[openai]>=1.56.0 requests>=2.33.0 tiktoken>=0.8.0 python-dotenv>=1.1.1 From 319cc241bd2b19521a7c582d237a7979053a6dfd Mon Sep 17 00:00:00 2001 From: Hermes Agent Date: Tue, 12 May 2026 07:46:56 +0000 Subject: [PATCH 09/14] fix(ci): copy packaged templates into mutmut sandbox --- pyproject.toml | 1 + 1 file changed, 1 insertion(+) diff --git a/pyproject.toml b/pyproject.toml index c18ec707..03e3858b 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -162,6 +162,7 @@ skip_empty = true [tool.mutmut] paths_to_mutate = ["codewiki/src/enduser"] +also_copy = ["codewiki/templates"] [tool.bandit] exclude_dirs = ["tests", ".tmp_make", ".tmp_manual_review", ".tmp_manual_review_live"] From ee066895107a458e4edb4a2cbf954299f5c61440 Mon Sep 17 00:00:00 2001 From: TensorGymnastic <172276506+TensorGymnastic@users.noreply.github.com> Date: Tue, 12 May 2026 08:01:48 +0000 Subject: [PATCH 10/14] fix(ci): raise vulnerable dependency floors for osv scan --- pyproject.toml | 6 +++--- requirements.txt | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 03e3858b..39f031c7 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -26,7 +26,7 @@ classifiers = [ dependencies = [ "click>=8.1.0", "keyring>=24.0.0", - "GitPython>=3.1.41", + "GitPython>=3.1.50", "Jinja2>=3.1.6", "tree-sitter>=0.23.2", "tree-sitter-language-pack>=0.8.0", @@ -49,7 +49,7 @@ dependencies = [ "pydantic-ai-slim[openai]>=1.56.0", "requests>=2.33.0", "tiktoken>=0.8.0", - "python-dotenv>=1.1.1", + "python-dotenv>=1.2.2", "rich>=14.1.0", "networkx>=3.5", "psutil>=7.0.0", @@ -58,7 +58,7 @@ dependencies = [ "mermaid-py>=0.8.0", "fastapi>=0.135.2", "uvicorn>=0.35.0", - "python-multipart>=0.0.22", + "python-multipart>=0.0.27", "colorama>=0.4.6", "logfire>=4.1.0" ] diff --git a/requirements.txt b/requirements.txt index 61c30767..4ba6e235 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,7 +3,7 @@ # `[project.dependencies]` in `pyproject.toml`. click>=8.1.0 keyring>=24.0.0 -GitPython>=3.1.41 +GitPython>=3.1.50 Jinja2>=3.1.6 tree-sitter>=0.23.2 tree-sitter-language-pack>=0.8.0 @@ -26,7 +26,7 @@ pydantic-settings>=2.10.1 pydantic-ai-slim[openai]>=1.56.0 requests>=2.33.0 tiktoken>=0.8.0 -python-dotenv>=1.1.1 +python-dotenv>=1.2.2 rich>=14.1.0 networkx>=3.5 psutil>=7.0.0 @@ -35,6 +35,6 @@ mermaid-parser-py>=0.0.2 mermaid-py>=0.8.0 fastapi>=0.135.2 uvicorn>=0.35.0 -python-multipart>=0.0.22 +python-multipart>=0.0.27 colorama>=0.4.6 logfire>=4.1.0 From 4cefc79d95477cb35e5eec4f7800fa4c50606326 Mon Sep 17 00:00:00 2001 From: Hermes Agent Date: Tue, 12 May 2026 08:04:12 +0000 Subject: [PATCH 11/14] fix(deps): bound pydantic-ai-slim for litellm compatibility --- pyproject.toml | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 39f031c7..eb8e1fa6 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -46,7 +46,7 @@ dependencies = [ "litellm>=1.83.10", "pydantic>=2.11.7", "pydantic-settings>=2.10.1", - "pydantic-ai-slim[openai]>=1.56.0", + "pydantic-ai-slim[openai]>=1.56.0,<1.67.0", "requests>=2.33.0", "tiktoken>=0.8.0", "python-dotenv>=1.2.2", diff --git a/requirements.txt b/requirements.txt index 4ba6e235..a5e00461 100644 --- a/requirements.txt +++ b/requirements.txt @@ -23,7 +23,7 @@ openai>=2.24.0 litellm>=1.83.10 pydantic>=2.11.7 pydantic-settings>=2.10.1 -pydantic-ai-slim[openai]>=1.56.0 +pydantic-ai-slim[openai]>=1.56.0,<1.67.0 requests>=2.33.0 tiktoken>=0.8.0 python-dotenv>=1.2.2 From 3b5eace71e07cdadfbbe6d5b05b0f76916c48676 Mon Sep 17 00:00:00 2001 From: Hermes Agent Date: Tue, 12 May 2026 08:06:31 +0000 Subject: [PATCH 12/14] fix(ci): copy package metadata into mutmut sandbox --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index eb8e1fa6..facba3d7 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -162,7 +162,7 @@ skip_empty = true [tool.mutmut] paths_to_mutate = ["codewiki/src/enduser"] -also_copy = ["codewiki/templates"] +also_copy = ["codewiki/__init__.py", "codewiki/templates"] [tool.bandit] exclude_dirs = ["tests", ".tmp_make", ".tmp_manual_review", ".tmp_manual_review_live"] From 49444c978ff6052a4f8c97de9af10970bbb8105e Mon Sep 17 00:00:00 2001 From: Hermes Agent Date: Tue, 12 May 2026 08:11:23 +0000 Subject: [PATCH 13/14] fix(ci): copy enduser package assets into mutmut workspace --- pyproject.toml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index facba3d7..5fa08b05 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -162,7 +162,11 @@ skip_empty = true [tool.mutmut] paths_to_mutate = ["codewiki/src/enduser"] -also_copy = ["codewiki/__init__.py", "codewiki/templates"] +also_copy = [ + "codewiki/__init__.py", + "codewiki/prompts", + "codewiki/templates", +] [tool.bandit] exclude_dirs = ["tests", ".tmp_make", ".tmp_manual_review", ".tmp_manual_review_live"] From efc304520d2baefe5dbe5b2d099e4d1d54c4740b Mon Sep 17 00:00:00 2001 From: Hermes Agent Date: Tue, 12 May 2026 08:33:34 +0000 Subject: [PATCH 14/14] fix(ci): copy CLI package into mutmut workspace --- pyproject.toml | 1 + 1 file changed, 1 insertion(+) diff --git a/pyproject.toml b/pyproject.toml index 5fa08b05..e292dfba 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -164,6 +164,7 @@ skip_empty = true paths_to_mutate = ["codewiki/src/enduser"] also_copy = [ "codewiki/__init__.py", + "codewiki/cli", "codewiki/prompts", "codewiki/templates", ]