Conversation
- Created pyproject.toml with all dependencies from Pipfile - Updated Makefile to use uv instead of pipenv - Updated GitHub Actions workflows (tests.yml, pylint.yml, playwright.yml) - Updated Dockerfile to use uv - Updated setup_e2e_tests.sh script - Updated README.md documentation - Updated .github/copilot-instructions.md Co-authored-by: gkorland <753206+gkorland@users.noreply.github.com>
| python -m pip install --upgrade pip | ||
| pip install pipenv | ||
| - name: Install uv | ||
| uses: astral-sh/setup-uv@v5 |
Check warning
Code scanning / CodeQL
Unpinned tag for a non-immutable Action in workflow Medium
| python -m pip install --upgrade pip | ||
| pip install pipenv | ||
| - name: Install uv | ||
| uses: astral-sh/setup-uv@v5 |
Check warning
Code scanning / CodeQL
Unpinned tag for a non-immutable Action in workflow Medium test
- Generated uv.lock file with all dependencies - Removed Pipfile and Pipfile.lock - Updated pyproject.toml with hatch build config for api package Co-authored-by: gkorland <753206+gkorland@users.noreply.github.com>
Dependency ReviewThe following issues were found:
Vulnerabilitiesuv.lock
License Issues.github/workflows/tests.yml
pyproject.toml
uv.lock
OpenSSF ScorecardScorecard details
Scanned Files
|
|
@claude[agent] please fix the CI and review the comment on the PR |
- Updated .github/workflows/tests.yml to use 'uv run python -m pytest' - Updated .github/workflows/pylint.yml to use 'uv run python -m pylint' - Updated Makefile test and lint commands to use 'python -m' syntax - Updated README.md and copilot-instructions.md with correct commands - Updated setup_e2e_tests.sh with correct pytest command This fixes the CI failures where uv couldn't find pytest/pylint executables. Co-authored-by: gkorland <753206+gkorland@users.noreply.github.com>
Fixed the CI failures in commit 8a6745f. The issue was that |
There was a problem hiding this comment.
Pull request overview
This PR migrates the project from Pipfile/pipenv to pyproject.toml/uv for faster dependency resolution and modern Python packaging standards (PEP 621). The migration removes the old Pipfile/Pipfile.lock and introduces pyproject.toml with hatchling as the build backend, along with a uv.lock file containing 135 resolved packages. All build tools, CI/CD workflows, and documentation have been updated to use uv commands instead of pipenv.
Changes:
- Converted Pipfile dependencies to pyproject.toml with PEP 621 compliance and configured hatchling build backend
- Updated Makefile, Dockerfile, setup scripts, and all CI/CD workflows to use uv instead of pipenv
- Updated README and copilot-instructions documentation to reflect the new uv-based workflow
Reviewed changes
Copilot reviewed 10 out of 12 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| pyproject.toml | New configuration file defining project metadata, dependencies, and build system with hatchling |
| uv.lock | Generated lockfile with 135 resolved packages and their exact versions |
| Pipfile | Removed old pipenv configuration |
| Dockerfile | Updated to use ghcr.io/astral-sh/uv image and uv sync commands |
| Makefile | Replaced all pipenv commands with uv equivalents (uv sync, uv run) |
| setup_e2e_tests.sh | Updated to check for uv installation and use uv commands |
| .github/workflows/tests.yml | Uses astral-sh/setup-uv@v5 action instead of pipenv installation |
| .github/workflows/pylint.yml | Uses astral-sh/setup-uv@v5 action instead of pipenv installation |
| .github/workflows/playwright.yml | Uses astral-sh/setup-uv@v5 action instead of pipenv installation |
| README.md | Updated all documentation to reference uv instead of pipenv |
| .github/copilot-instructions.md | Updated setup instructions and troubleshooting guide for uv |
| [tool.pytest.ini_options] | ||
| testpaths = ["tests"] | ||
| python_files = ["test_*.py"] | ||
| python_classes = ["Test*"] | ||
| python_functions = ["test_*"] | ||
| addopts = "-v" | ||
|
|
There was a problem hiding this comment.
The pyproject.toml now includes pytest configuration that duplicates settings in pytest.ini. The pytest.ini file has more comprehensive settings including markers (e2e, slow, auth, integration, unit), filterwarnings, and additional addopts like --strict-markers and --disable-warnings. Consider either removing pytest.ini and migrating all settings to pyproject.toml, or removing the duplicate [tool.pytest.ini_options] section from pyproject.toml to avoid configuration conflicts. For consistency in modern Python projects, consolidating all tool configuration in pyproject.toml is recommended.
| [tool.pytest.ini_options] | |
| testpaths = ["tests"] | |
| python_files = ["test_*.py"] | |
| python_classes = ["Test*"] | |
| python_functions = ["test_*"] | |
| addopts = "-v" |
| # Install Python dependencies from pyproject.toml | ||
| RUN uv sync --frozen --no-dev |
There was a problem hiding this comment.
The Dockerfile uses 'uv sync --frozen --no-dev' which installs only production dependencies. However, this approach expects an activated virtual environment. Since the Dockerfile doesn't create or activate a virtual environment and doesn't set UV_SYSTEM_PYTHON=1, uv will create a virtual environment at /app/.venv by default. Consider either: (1) adding 'ENV UV_SYSTEM_PYTHON=1' before the uv sync command to install packages system-wide, which matches the previous pipenv behavior with --system flag, or (2) explicitly activating the virtual environment in subsequent RUN commands and the ENTRYPOINT.
|
@claude[agent] please resolve the conflicts in this PR |
|
@gkorland Unfortunately I hit an unexpected error while processing your comment. I've automatically reported this to GitHub. You can ask me to try again later by mentioning me in a new comment. If you want to contact GitHub about this error, please mention the following identifier so they can better serve you: Sorry for the inconvenience! |
Original prompt