From 45501c93c687643d06dd812dbf0b595eb49ada14 Mon Sep 17 00:00:00 2001 From: Noah Stapp Date: Tue, 3 Mar 2026 11:39:32 -0800 Subject: [PATCH 1/3] PYTHON-5742 - Add Copilot instructions --- .github/copilot-instructions.md | 44 +++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 .github/copilot-instructions.md diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md new file mode 100644 index 0000000000..1fb40a4a6c --- /dev/null +++ b/.github/copilot-instructions.md 
@@ -0,0 +1,44 @@ +When reviewing code, focus on: + +## Security Critical Issues +- Check for hardcoded secrets, API keys, or credentials +- Check for instances of potential method call injection, dynamic code execution, symbol injection or other code injection vulnerabilities. + +## Performance Red Flags +- Spot inefficient loops and algorithmic issues. +- Check for memory leaks and resource cleanup. + +## Code Quality Essentials +- Methods should be focused and appropriately sized. If a method is doing too much, suggest refactorings to split it up. +- Use clear, descriptive naming conventions. +- Avoid encapsulation violations and ensure proper separation of concerns. +- All public classes, modules, and methods should have clear documentation in Sphinx format. + +## PyMongo-specific Concerns +- Do not review files within `pymongo/synchronous` or files in `test/` that also have a file of the same name in `test/asynchronous` unless the reviewed changes include a `_IS_SYNC` statement. PyMongo generates these files from `pymongo/asynchronous` and `test/asynchronous` using `tools/synchro.py`. +- All asynchronous functions must not call any blocking I/O. + +## Review Style +- Be specific and actionable in feedback. +- Explain the "why" behind recommendations. +- Acknowledge good patterns when you see them. +- Ask clarifying questions when code intent is unclear. + +Always prioritize security vulnerabilities and performance issues that could impact users. + +Always suggest changes to improve readability and testability. For example, this suggestion seeks to make the code more readable, reusable, and testable: + +```python +# Instead of: +if user.email and user.email.contains("@") and len(user.email) > 5: + submit_button.enabled = True +else: + submit_button.enabled = False + +# Consider: +def valid_email(email): + return email and email.contains("@") and len(email) > 5 + + +submit_button.enabled = valid_email(user.email) +``` 
From 68b0b278cb7d6d50a22a073b703e80e5e75e0e8e Mon Sep 17 00:00:00 2001 From: Noah Stapp Date: Tue, 3 Mar 2026 11:41:52 -0800 Subject: [PATCH 2/3] Formatting --- .github/copilot-instructions.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md index 1fb40a4a6c..1dab4d3c69 100644 --- a/.github/copilot-instructions.md +++ b/.github/copilot-instructions.md @@ -1,7 +1,7 @@ When reviewing code, focus on: ## Security Critical Issues -- Check for hardcoded secrets, API keys, or credentials +- Check for hardcoded secrets, API keys, or credentials. - Check for instances of potential method call injection, dynamic code execution, symbol injection or other code injection vulnerabilities. ## Performance Red Flags From e6ad8efeeac51740d0fc2790c2816182a3d4a085 Mon Sep 17 00:00:00 2001 From: Noah Stapp Date: Tue, 3 Mar 2026 14:27:37 -0800 Subject: [PATCH 3/3] Use in instead of contains --- .github/copilot-instructions.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/copilot-instructions.md b/.github/copilot-instructions.md index 1dab4d3c69..b67cb49aca 100644 --- a/.github/copilot-instructions.md +++ b/.github/copilot-instructions.md @@ -30,14 +30,14 @@ Always suggest changes to improve readability and testability. For example, this ```python # Instead of: -if user.email and user.email.contains("@") and len(user.email) > 5: +if user.email and "@" in user.email and len(user.email) > 5: submit_button.enabled = True else: submit_button.enabled = False # Consider: def valid_email(email): - return email and email.contains("@") and len(email) > 5 + return email and "@" in email and len(email) > 5 submit_button.enabled = valid_email(user.email)
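Review bot: In [PATCH 1/3], the second bullet under "## Security Critical Issues" lists "method call injection" and "symbol injection" without tying them to anything a reviewer of Python code can look for, and Python has no symbol type for the latter to apply to. Suggest naming the constructs the check should flag, for example `eval`/`exec` on external input, `getattr` with a caller-controlled attribute name, and unpickling untrusted data, so the instruction yields concrete findings. Separately, the example's `email.contains("@")` is not a `str` method and is only corrected in 3/3; folding that fix into this patch would keep the example valid at every commit in the series.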
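Review bot: In [PATCH 3/3], the changed `valid_email` still returns whichever operand of `and` decides the result rather than a boolean. For `None` or an empty string it returns that value, so `submit_button.enabled = valid_email(user.email)` assigns `None` or `""` where the "Instead of" branch assigns `False`. Because this snippet is presented as the model refactoring, suggest `return bool(email) and "@" in email and len(email) > 5`, plus a short Sphinx-format docstring, which the file's own "Code Quality Essentials" section asks for.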