Skip to content

Repo hardening: fix install instructions, dead imports, hygiene#1

Open
cognis-digital wants to merge 4 commits into
mainfrom
cognis-audit/repo-hardening
Open

Repo hardening: fix install instructions, dead imports, hygiene#1
cognis-digital wants to merge 4 commits into
mainfrom
cognis-audit/repo-hardening

Conversation

@cognis-digital

@cognis-digital cognis-digital commented Jun 12, 2026
edited
Loading

Copy link
Copy Markdown
Owner

This PR applies a few small, mechanically-verified hardening fixes found by an automated audit of the Cognis suite:

  • fix 2 broken pip install line(s) in README (package is not on PyPI; use the working git+https install)
  • remove 4 unused import(s) (ruff F401/F811)

Each change is deterministic; all touched Python files were confirmed to still compile (py_compile) before this PR was opened.

@cognis-digital
Repo hardening: install instructions, dead imports, hygiene
048c238 
- fix 2 broken `pip install` line(s) in README (package is not on PyPI; use the working git+https install)
- remove 4 unused import(s) (ruff F401/F811)
github-actions[bot]
github-actions Bot reviewed Jun 12, 2026
View reviewed changes

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your first PR! 🚀 A maintainer will review under the collaboration-pull model (see CONTRIBUTING.md).

@cognis-digital cognis-digital force-pushed the cognis-audit/repo-hardening branch from 09fc0aa to 048c238 Compare June 12, 2026 22:04
Cognis Digital added 3 commits June 13, 2026 08:20
Fix stale smoke tests and add plain-language overview with install in…
a96e262 
…structions

- Add TOOL_NAME and TOOL_VERSION constants to core.py (imported by __init__.py
  and required by the CLI; their absence broke all imports)
- Rewrite top-level tests/test_smoke.py: the stale fixture imported a non-
  existent scan function; replace with real API tests that assert correct behaviour
- Insert What is this layman overview in README via cognis:layman markers
- Add comprehensive Install section and install.sh / install.ps1 scripts
- All 25 tests green
docs: add Domains section (suite taxonomy + JTF MERIDIAN mapping)
2a4e6bf
harden: input validation, error handling, and edge-case tests
08dabaf 
- core: validate add_model() args (non-negative prices, positive context window,
  non-empty name); validate estimate() rejects negative input/output_tokens;
  guard count_tokens() against None input
- cli: wrap _read_input() file open in try/except (exits 2 with clear message);
  validate --output-tokens >= 0 in count/budget; validate --max-cost and
  --max-tokens >= 0 in budget; guard _emit() against empty rows list
- mcp_server: fix broken import of non-existent scan/to_json; expose
  tokenmeter_estimate() using the real estimate() API with error handling
- webhook: validate URL scheme (http/https), guard empty stdin payload,
  split multiple imports on one line, add --timeout CLI flag
- tests: 13 new tests covering missing file (exit 2), negative token args (exit 2),
  negative budget args (exit 2), None/empty to count_tokens, add_model
  validation errors, mcp_server importable
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@cognis-digital