ci: add ruff linting and mypy type checking

Add ruff and mypy to dev dependencies with configuration in pyproject.toml.
Add a lint CI job that runs ruff check, ruff format --check, and mypy.
Auto-fix import sorting and formatting across the codebase. Exclude
alembic/versions from linting (auto-generated migrations). Ignore B008
(FastAPI Depends pattern) and RUF001 (unicode in user-facing strings).

21 ruff lint errors and 50 mypy errors remain for manual review.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Justin Visser 2026-02-26 22:11:41 +01:00
parent 399276ea69
commit bf04c77aa9
137 changed files with 3066 additions and 1900 deletions

View file

@ -1,8 +1,8 @@
from __future__ import annotations
from secrets import token_urlsafe
import logging
import time
from secrets import token_urlsafe
from starlette.middleware.base import BaseHTTPMiddleware
from starlette.requests import Request
@ -63,7 +63,9 @@ class RequestLoggingMiddleware(BaseHTTPMiddleware):
should_log = self._log_requests and not self._is_skipped_path(request.url.path)
if should_log:
structured_log(
logger, "debug", "request.started",
logger,
"debug",
"request.started",
method=request.method,
path=request.url.path,
)
@ -86,7 +88,9 @@ class RequestLoggingMiddleware(BaseHTTPMiddleware):
response.headers[REQUEST_ID_HEADER] = request_id
if should_log:
structured_log(
logger, "debug", "request.completed",
logger,
"debug",
"request.completed",
method=request.method,
path=request.url.path,
status_code=response.status_code,
@ -164,11 +168,7 @@ class SecurityHeadersMiddleware(BaseHTTPMiddleware):
csp_policy = self._csp_policy_for_path(request.url.path)
if self._csp_enabled and csp_policy:
csp_header = (
"Content-Security-Policy-Report-Only"
if self._csp_report_only
else "Content-Security-Policy"
)
csp_header = "Content-Security-Policy-Report-Only" if self._csp_report_only else "Content-Security-Policy"
response.headers.setdefault(csp_header, csp_policy)
hsts = self._strict_transport_security_value()