From 0bf9522e5d90a20d94e567e80141d6dfc250bff6 Mon Sep 17 00:00:00 2001 From: Vinta Chen Date: Wed, 22 Apr 2026 02:21:48 +0800 Subject: [PATCH 1/4] chore: add uv supply-chain hardening and enforce locked installs - Set exclude-newer to 3 days and only-binary/:all: in pyproject.toml to limit dependency freshness window and block source builds - Switch uv sync to --locked in Makefile, ci.yml, and deploy-website.yml to enforce the lockfile rather than re-resolving on each install - Regenerate uv.lock with exclude-newer snapshot recorded Co-Authored-By: Claude --- .github/workflows/ci.yml | 2 +- .github/workflows/deploy-website.yml | 2 +- Makefile | 2 +- pyproject.toml | 7 +++++++ uv.lock | 4 ++++ 5 files changed, 14 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f9ba0284..02898b64 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -24,7 +24,7 @@ jobs: enable-cache: true - name: Install dependencies - run: uv sync --group build + run: uv sync --group build --locked - name: Run tests run: make test diff --git a/.github/workflows/deploy-website.yml b/.github/workflows/deploy-website.yml index 8105c3cc..dd748bb5 100644 --- a/.github/workflows/deploy-website.yml +++ b/.github/workflows/deploy-website.yml @@ -31,7 +31,7 @@ jobs: enable-cache: true - name: Install dependencies - run: uv sync --group build + run: uv sync --group build --locked - name: Run tests if: github.event_name == 'schedule' diff --git a/Makefile b/Makefile index 8a0905f4..5b782549 100644 --- a/Makefile +++ b/Makefile @@ -2,7 +2,7 @@ export install: - uv sync + uv sync --locked fetch_github_stars: uv run python website/fetch_github_stars.py diff --git a/pyproject.toml b/pyproject.toml index 19abd760..06e008be 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -29,3 +29,10 @@ pythonpath = ["website"] [tool.ruff] line-length = 200 + +[tool.uv] +exclude-newer = "3 days" +no-build = true + +[tool.uv.pip] +only-binary = [":all:"] diff --git a/uv.lock b/uv.lock index ab136dee..88d2b273 100644 --- a/uv.lock +++ b/uv.lock @@ -2,6 +2,10 @@ version = 1 revision = 3 requires-python = ">=3.13" +[options] +exclude-newer = "2026-04-18T18:21:23.412234Z" +exclude-newer-span = "P3D" + [[package]] name = "anyio" version = "4.12.1" From e590d33b80b7fa04d4af14fddada3ea2998d9dee Mon Sep 17 00:00:00 2001 From: Semen Frolov Date: Tue, 21 Apr 2026 21:32:02 +0300 Subject: [PATCH 2/4] docs(ai-agents): add ag2 to Orchestration Co-Authored-By: Claude Opus 4.7 (1M context) --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 407ddf95..2380d13d 100644 --- a/README.md +++ b/README.md @@ -134,6 +134,7 @@ _Libraries for building AI applications, LLM integrations, and autonomous agents - [sentry-skills](https://github.com/getsentry/skills) - Python-focused engineering skills for code review, debugging, and backend workflows. - [trailofbits-skills](https://github.com/trailofbits/skills) - Python-friendly security skills for auditing, testing, and safer backend development. Also [skills-curated](https://github.com/trailofbits/skills-curated). - Orchestration + - [ag2](https://github.com/ag2ai/ag2) - An open-source AgentOS for multi-agent orchestration and building agentic AI systems. - [autogen](https://github.com/microsoft/autogen) - A programming framework for building agentic AI applications. - [bub](https://github.com/bubbuild/bub) - A lightweight, hook-first Python framework for channel-native agents that live alongside people. - [crewai](https://github.com/crewAIInc/crewAI) - A framework for orchestrating role-playing autonomous AI agents for collaborative task solving. From 976ae9420c5d2f6531a3e517d68215fc929ce61e Mon Sep 17 00:00:00 2001 From: Vinta Chen Date: Wed, 22 Apr 2026 03:49:01 +0800 Subject: [PATCH 3/4] replace pyre-check with pyrefly --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 407ddf95..0e80ff88 100644 --- a/README.md +++ b/README.md @@ -606,7 +606,7 @@ _Tools of static analysis, linters and code quality checkers. Also see [awesome- - [rope](https://github.com/python-rope/rope) - Rope is a python refactoring library. - Type Checkers - [awesome-python-typing](https://github.com/typeddjango/awesome-python-typing) - [mypy](https://github.com/python/mypy) - Check variable types during compile time. - - [pyre-check](https://github.com/facebook/pyre-check) - Performant type checking. + - [pyrefly](https://github.com/facebook/pyrefly) - A fast type checker and language server for Python, written in Rust. - [ty](https://github.com/astral-sh/ty) - An extremely fast Python type checker and language server. - [typeshed](https://github.com/python/typeshed) - Collection of library stubs for Python, with static types. - Type Annotations Generators From 9ac5e6ba98be142cd7b968a176fc7de9dde47387 Mon Sep 17 00:00:00 2001 From: Vinta Chen Date: Wed, 22 Apr 2026 03:50:02 +0800 Subject: [PATCH 4/4] fix description --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 0e80ff88..cbd12b29 100644 --- a/README.md +++ b/README.md @@ -606,7 +606,7 @@ _Tools of static analysis, linters and code quality checkers. Also see [awesome- - [rope](https://github.com/python-rope/rope) - Rope is a python refactoring library. - Type Checkers - [awesome-python-typing](https://github.com/typeddjango/awesome-python-typing) - [mypy](https://github.com/python/mypy) - Check variable types during compile time. - - [pyrefly](https://github.com/facebook/pyrefly) - A fast type checker and language server for Python, written in Rust. + - [pyrefly](https://github.com/facebook/pyrefly) - A fast type checker and language server for Python. - [ty](https://github.com/astral-sh/ty) - An extremely fast Python type checker and language server. - [typeshed](https://github.com/python/typeshed) - Collection of library stubs for Python, with static types. - Type Annotations Generators