Restructure repository for release automation and remove generated artifacts from git #51
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
There was a problem hiding this comment.
Pull Request Overview
This PR restructures the repository to separate source rules from generated IDE bundles, implementing a manual release workflow instead of automated commits. The key change is treating IDE-specific formats as build artifacts (not committed to git), while keeping only the unified source rules (sources/) and Claude Code plugin (skills/) in version control.
Key Changes:
- Reorganized repository:
rules/→sources/core/andsources/owasp/, generated output →dist/ - Removed IDE-generated files from git (
.cursor/,.windsurf/,.github/instructions/) - Implemented manual release workflow with version validation and artifact building
- Renamed and enhanced
unified_to_all.py→convert_to_ide_formats.pywith better validation
Reviewed Changes
Copilot reviewed 86 out of 197 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| src/validate_versions.py | New script for validating version consistency across pyproject.toml and plugin metadata files |
| src/validate_unified_rules.py | Updated to recursively validate rules in sources/ directory structure |
| src/unified_to_all.py | Deleted; replaced by convert_to_ide_formats.py |
| src/formats/claudecode.py | Removed outputs_to_ide_rules() method (no longer needed) |
| src/formats/base.py | Removed outputs_to_ide_rules() method from base class |
| src/converter.py | Removed outputs_to_ide_rules field from FormatOutput dataclass |
| src/convert_to_ide_formats.py | New conversion script with enhanced validation, Claude Code handling, and multi-source support |
| ide_rules/* | All generated IDE rule files deleted (now build artifacts in dist/) |
| docs/getting-started.md | Updated installation instructions for new release ZIP structure |
| docs/faq.md | Updated references from additional_rules/ to sources/owasp/ |
| docs/claude-code-skill-plugin.md | Updated documentation for new build process and directory structure |
| additional_rules/owasp/* | Two duplicate rule files deleted (already in core) |
| README.md | Updated with new repository structure and developer workflow |
| .github/workflows/generate-ide-rules.yml | Deleted automated rule generation workflow |
Comments suppressed due to low confidence (1)
src/validate_versions.py:1
- [nitpick] The condition uses
not inwhich checks substring existence. For marker validation in structured files, consider using a more explicit check that validates both markers are present and properly ordered (start_marker appears before end_marker). This would catch cases where markers exist but are in wrong order or duplicated.
#!/usr/bin/env python3
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 86 out of 197 changed files in this pull request and generated 1 comment.
Comments suppressed due to low confidence (1)
src/validate_versions.py:1
- Corrected error message text from 'Invalid SKILLS.md template' to 'Invalid SKILL.md template' since the actual filename is 'SKILL.md' (singular), not 'SKILLS.md'.
#!/usr/bin/env python3
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
|
The restructure looks good. We will need to carefully document it everywhere. |
Removes generated IDE files from git (treating them as build artifacts), reorganizes source rules for clarity, and implements a manual release workflow that builds artifacts on-demand.
Key Changes
1. Repository Structure
Before:
rules/andadditional_rules/owasp/mixed source and generated filesAfter:
sources/core/- 22 curated rules (released by default)sources/owasp/- 86 supplementary rules (optional)dist/- Generated IDE bundles (not committed)skills/- Claude Code plugin (committed, distributed via plugin system)Removed duplicates: Deleted 2 OWASP rules (
codeguard-0-iac-security.md,codeguard-0-logging.md) already present in core.2. Generated Files No Longer Committed
Deleted: 66 IDE-specific files (
.cursor/,.windsurf/,.github/instructions/)Why treat IDE formats as build artifacts:
sources/only)Exception:
skills/(Claude Code plugin) remains committed for plugin distribution3. Release Process: Manual Instead of Automated
Old: Auto-generated IDE rules on every push, auto-committed back to repo
New: Manual version bump → create GitHub release → CI builds and uploads ZIPs
Why no automated release PRs:
4. Technical Improvements
New scripts:
validate_versions.py(132 lines) - Version validationconvert_to_ide_formats.py(339 lines) - Replacesunified_to_all.pywith better validationWorkflows:
generate-ide-rules.yml(no longer needed)validate-rules.yml(runs on PRs, validates without committing)build-ide-bundles.yml(runs on release, builds ZIPs)