Quality pass: harden generator, fix relative server URLs, shorten spec names

[zanni098]

Summary

Quality-focused pass that fixes real bugs blocking the generated CLI from being usable, plus adds the missing runtime test layer.

Bugs fixed

• Spec naming: swagger-petstore-openapi-3-0-dt-cli / SWAGGER_PETSTORE_OPENAPI_3_0_TOKEN → petstore-dt-cli / PETSTORE_TOKEN. New short_name() drops OpenAPI/v3/REST/version-number noise.
• Relative server URLs: when an OpenAPI spec ships servers: [{url: /api/v3}] and is fetched over HTTP, the generated client previously had a broken relative BASE_URL. Now resolved against the source URL, so the CLI works out of the box.
• No Accept header sent by generated client → many APIs returned XML/HTML. Now sends Accept: application/json + User-Agent.
• Empty base_url silently broke requests → now raises a helpful APIError telling the user which env var to set.
• Flag collisions (e.g. id in both path and body) crashed Click at import time → body-side flag is auto-renamed to --body-<name>.

Quality

• Drop redundant --json/--no-json (--pretty already toggles); add --debug / <NAME>_DEBUG env var that logs requests with auth headers redacted.
• Extract _coerce() body-decode helper (was inline boilerplate per param × per op).
• ducktap scorecard --fail-under N exits 2 for CI gating.

Tests

New tests/test_generated_cli_runtime.py presses a tiny spec, swaps in httpx.MockTransport, and verifies the generated CLI actually issues correct GET-with-query, path substitution, POST body, 4xx-to-stderr behaviour, and absolute base_url resolution.

Previous tests only checked the generator emitted parseable code, not working code.

Test plan

• 21/21 pytest pass (was 15)
• `ruff check src tests` clean
• `ducktap press tests/fixtures/petstore.yaml --out ./out` produces `petstore-dt-cli` with absolute base_url and `PETSTORE_*` env vars
• `ducktap scorecard ... --fail-under 99` exits 2

Generated with Devin

---

^{Need help on this PR? Tag @codesmith with what you need.}

• Let Codesmith autofix CI failures and bot reviews

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
duck-tap	Ready	Preview, Comment	May 12, 2026 10:47am

[ecc-tools]

Analyzing 200 commits...

[ecc-tools]

Analysis Complete

Generated ECC bundle from 2 commits | Confidence: 50%

View Pull Request #2

Repository Profile

Attribute	Value
Language	Python
Framework	Not detected
Commit Convention	mixed
Test Directory	separate

Changed Files (17)

Metric	Value
Files changed	17
Additions	2000
Deletions	1684

Top hotspots

Path	Status	+/-
website/style.css	modified	+1039 / -1039
website/index.html	modified	+342 / -342
tests/test_generated_cli_runtime.py	added	+212 / -0
website/script.js	modified	+84 / -84
.github/workflows/publish.yml	modified	+73 / -73

Top directories

Directory	Files	Total changes
website	5	2986
tests	2	225
.github/workflows	2	202
.	2	124
src/ducktap/generator/templates/cli	3	80

Likely Future Issues (2)

Severity	Signal	Why it may show up
MEDIUM	User-facing UI changes may ship without browser coverage	1 user-facing UI paths changed; 0 browser or e2e coverage files changed
MEDIUM	Dependency or CI drift could surface after merge	CI/workflow files changed; no lockfile changes detected

• User-facing UI changes may ship without browser coverage: The PR changes components, pages, or other user-facing UI files without touching any obvious browser or end-to-end coverage.
• Dependency or CI drift could surface after merge: Package or workflow changes landed without an accompanying lockfile update, which often turns into CI or release noise later.

Suggested Follow-up Work (2)

Type	Suggested title	Targets
PR	test: add browser coverage for website/style.css	website/style.css
PR	chore: refresh lockfile and validate CI after dependency updates	.github/workflows/ci.yml, .github/workflows/publish.yml

• test: add browser coverage for website/style.css: Backfill browser coverage before another user-facing UI change lands on the touched surface.
• chore: refresh lockfile and validate CI after dependency updates: Package or workflow changes without a lockfile refresh tend to turn into noisy follow-up fixes after merge.

Copy-ready bodies

test: add browser coverage for website/style.css

## Summary
- Add browser or end-to-end coverage for the recently changed user-facing surface.

## Why
- Backfill browser coverage before another user-facing UI change lands on the touched surface.

## Touched paths
- `website/style.css`

## Validation
- Add or extend browser / e2e coverage for the changed component, page, or flow.
- Exercise the visible user journey that depends on the touched UI surface.

chore: refresh lockfile and validate CI after dependency updates

## Summary
- Refresh the lockfile and rerun CI after the dependency or workflow changes in this PR.

## Why
- Package or workflow changes without a lockfile refresh tend to turn into noisy follow-up fixes after merge.

## Touched paths
- `.github/workflows/ci.yml`
- `.github/workflows/publish.yml`

## Validation
- Refresh the lockfile in the same package manager used by the repo.
- Run the repo typecheck / test / CI entrypoints that depend on the updated package graph.

Generated Instincts (15)

Domain	Count
git	3
code-style	10
testing	2

After merging, import with:

/instinct-import .claude/homunculus/instincts/inherited/DuckTap-instincts.yaml

Files

• .claude/ecc-tools.json
• .claude/skills/DuckTap/SKILL.md
• .agents/skills/DuckTap/SKILL.md
• .agents/skills/DuckTap/agents/openai.yaml
• .claude/identity.json
• .codex/config.toml
• .codex/AGENTS.md
• .codex/agents/explorer.toml
• .codex/agents/reviewer.toml
• .codex/agents/docs-researcher.toml
• .claude/homunculus/instincts/inherited/DuckTap-instincts.yaml

---

_{ECC Tools | Everything Claude Code}