From 61f0966b79683a75ec795584cc4cb286cd1c2214 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 17 Dec 2025 20:45:41 +0000 Subject: [PATCH 1/5] Initial plan From b307b19b9df500ba1f7c7d1aa4afe10003bf5e46 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 17 Dec 2025 20:52:01 +0000 Subject: [PATCH 2/5] Update AGENTS.md, ARCHITECTURE.md, and repository best practices - Add mandatory pre-finalization quality checks to AGENTS.md - Document code review and CodeQL security scanning requirements - Update ARCHITECTURE.md to reflect PR #28 refactoring improvements - Document serializer deserialization capabilities - Add CodeQL security scanning workflow - Improve .gitignore with coverage and test output exclusions - Add pre-commit quality check guidance to CONTRIBUTING.md Co-authored-by: Malcolmnixon <1863707+Malcolmnixon@users.noreply.github.com> --- .github/workflows/codeql.yaml | 54 ++++++++++++++++++++++++++++++++ .gitignore | 13 ++++++++ AGENTS.md | 58 ++++++++++++++++++++++++++++++++++- ARCHITECTURE.md | 31 +++++++++++++++---- CONTRIBUTING.md | 28 +++++++++++++++-- 5 files changed, 175 insertions(+), 9 deletions(-) create mode 100644 .github/workflows/codeql.yaml diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml new file mode 100644 index 0000000..379a40d --- /dev/null +++ b/.github/workflows/codeql.yaml @@ -0,0 +1,54 @@ +--- +name: "CodeQL Security Scanning" + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + schedule: + # Run at 5:00 AM UTC every Monday + - cron: '0 5 * * 1' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'csharp' ] + + steps: + - name: Checkout repository + uses: actions/checkout@v6 + + - name: Setup .NET + uses: actions/setup-dotnet@v5 + with: + dotnet-version: | + 8.x + 9.x + 10.x + + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + queries: security-and-quality + + - name: Restore dependencies + run: dotnet restore + + - name: Build + run: dotnet build --no-restore --configuration Release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" diff --git a/.gitignore b/.gitignore index b6a26aa..15e4073 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,16 @@ bin/ obj/ TestResults/ + +# Code coverage reports +coverage/ +*.coverage +*.coveragexml +*.opencover.xml + +# Test results +*.trx + +# Temporary files +*.tmp +.DS_Store diff --git a/AGENTS.md b/AGENTS.md index a07e829..8cd8575 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -100,8 +100,11 @@ cspell "**/*.{md,cs}" # Run markdown linter (requires npm install -g markdownlint-cli) markdownlint "**/*.md" -# Format code (if format tools are installed) +# Format code dotnet format + +# Verify formatting +dotnet format --verify-no-changes ``` ## Testing Guidelines @@ -226,6 +229,7 @@ All builds must pass: 5. Update XML documentation 6. Update README.md with usage examples 7. Run all tests and ensure they pass +8. Complete pre-finalization quality checks (see below) ### Fixing a Bug @@ -234,6 +238,7 @@ All builds must pass: 3. Ensure the test now passes 4. Verify no other tests are broken 5. Update documentation if the bug fix changes behavior +6. Complete pre-finalization quality checks (see below) ### Improving Code Quality @@ -243,6 +248,7 @@ All builds must pass: 4. Improve naming and clarity 5. Add missing documentation 6. Verify all tests still pass +7. Complete pre-finalization quality checks (see below) ### Updating Dependencies @@ -250,6 +256,55 @@ All builds must pass: 2. Update to latest stable versions when appropriate 3. Test thoroughly after updates 4. Update documentation if APIs changed +5. Complete pre-finalization quality checks (see below) + +## Pre-Finalization Quality Checks + +Before marking any task as complete and finalizing your session, you **MUST** run the following quality checks in this order: + +### 1. Build and Test Validation + +```bash +# Build the project +dotnet build --configuration Release + +# Run all tests +dotnet test --configuration Release +``` + +All builds must complete with zero warnings and all tests must pass. + +### 2. Code Review + +Use the **code_review** tool to get automated feedback on your changes: + +- Review all comments and suggestions +- Address relevant feedback +- If significant changes are made, run code_review again + +### 3. Security Scanning + +Use the **codeql_checker** tool to scan for security vulnerabilities: + +- This tool must be run after code_review is complete +- Investigate all alerts discovered +- Fix any alerts that require localized changes +- Re-run codeql_checker after fixes to verify +- Include a Security Summary with any unfixed vulnerabilities + +### Quality Check Workflow + +The complete workflow before task completion: + +1. Make code changes +2. Run build and tests → Fix any issues +3. Run code_review tool → Address relevant feedback +4. Run codeql_checker tool → Fix security issues +5. If significant changes were made, repeat steps 2-4 +6. Report progress with final commit +7. Complete task + +**Note**: Only proceed to finalize your task after all quality checks pass and all issues are addressed. ## Boundaries and Guardrails @@ -270,6 +325,7 @@ All builds must pass: - Add tests for new functionality - Resolve all warnings and analyzer suggestions - Keep changes minimal and focused +- Complete all pre-finalization quality checks (build, test, code_review, codeql_checker) before marking work as complete ### What AI Agents Should ASK About diff --git a/ARCHITECTURE.md b/ARCHITECTURE.md index 104eccc..60c4f04 100644 --- a/ARCHITECTURE.md +++ b/ARCHITECTURE.md @@ -61,11 +61,13 @@ An enumeration representing possible test outcomes: #### `TrxSerializer` -The `TrxSerializer` class is responsible for converting the domain model into TRX XML format: +The `TrxSerializer` class is responsible for converting between the domain model and TRX XML format: - Uses .NET's built-in XML serialization capabilities - Produces TRX files compatible with Visual Studio and Azure DevOps +- Can deserialize TRX XML files back into the domain model - Handles proper formatting and schema compliance +- Implements helper methods for complex XML structure creation to maintain code clarity and reduce complexity #### `JUnitSerializer` @@ -76,6 +78,7 @@ The `JUnitSerializer` class is responsible for converting between the domain mod - Can deserialize JUnit XML files back into the domain model - Groups test results by class name into test suites - Maps test outcomes to JUnit semantics (failure, error, skipped) +- Implements helper methods for complex XML structure creation to maintain code clarity and reduce complexity ## Data Flow @@ -89,8 +92,10 @@ The `JUnitSerializer` class is responsible for converting between the domain mod ## Design Patterns - **Data Transfer Object (DTO)**: The `TestResults` and `TestResult` classes serve as DTOs for test data -- **Serializer Pattern**: The `TrxSerializer` class encapsulates all serialization logic +- **Serializer Pattern**: The `TrxSerializer` and `JUnitSerializer` classes encapsulate all serialization/deserialization logic - **Builder Pattern**: The API allows for fluent construction of test results +- **Helper Method Extraction**: Complex serialization/deserialization logic is broken down into focused helper methods, each handling a specific portion of the XML structure +- **Constant Extraction**: Repeated string literals are extracted as private constants to improve maintainability and reduce duplication ## File Organization @@ -108,6 +113,20 @@ The library is designed to be extended in several ways: 2. **Additional Metadata**: The model could be extended to support additional metadata fields 3. **Alternative Serializers**: Additional serializers could be added for other test result formats (NUnit, xUnit, etc.) +## Recent Improvements + +### Serializer Refactoring (PR #28) + +The serializers were refactored to improve code quality and maintainability: + +- **Method Extraction**: Complex `Serialize` and `Deserialize` methods were split into smaller, focused helper methods +- **Constant Extraction**: Repeated string literals were extracted as private constants, reducing duplication and improving maintainability +- **Documentation**: All private helper methods now have comprehensive XML documentation +- **Type Optimization**: Parameter types were optimized for better performance where appropriate +- **Complexity Reduction**: Cognitive complexity was reduced by breaking down large methods into logical units + +These improvements make the codebase easier to understand, test, and maintain while preserving all existing functionality. + ## Quality Attributes ### Reliability @@ -138,10 +157,10 @@ The library is designed to be extended in several ways: Potential enhancements that could be considered: -1. **Deserialization**: Add support for reading existing TRX and JUnit XML files back into the object model -2. **Additional Formats**: Support for other test result formats (NUnit XML, xUnit XML, etc.) -3. **Streaming**: Support for streaming large test result sets to avoid memory issues -4. **Validation**: Add schema validation to ensure generated files are well-formed +1. **Additional Formats**: Support for other test result formats (NUnit XML, xUnit XML, etc.) +2. **Streaming**: Support for streaming large test result sets to avoid memory issues +3. **Validation**: Add schema validation to ensure generated files are well-formed +4. **Format Detection**: Automatic detection of input format when deserializing ## Dependencies diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index f6af004..9f67923 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -95,8 +95,32 @@ Enhancement suggestions are tracked as GitHub issues. When creating an enhanceme 2. Make your changes, following the coding guidelines below 3. Add or update tests as needed 4. Run the full test suite to ensure nothing is broken -5. Commit your changes with a clear and descriptive commit message -6. Push to your fork and submit a pull request +5. Run pre-commit quality checks (see below) +6. Commit your changes with a clear and descriptive commit message +7. Push to your fork and submit a pull request + +### Pre-Commit Quality Checks + +Before committing your changes, ensure the following checks pass: + +```bash +# Build the project +dotnet build --configuration Release + +# Run all tests +dotnet test --configuration Release + +# Verify code formatting +dotnet format --verify-no-changes + +# (Optional) Run spell checker if you modified documentation +cspell "**/*.{md,cs}" + +# (Optional) Run markdown linter if you modified markdown files +markdownlint "**/*.md" +``` + +All builds must complete with zero warnings, and all tests must pass. ## Coding Guidelines From 7e057dfd487d6ca8cc8b9c39d7fefe635f1e8f7a Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 17 Dec 2025 20:53:33 +0000 Subject: [PATCH 3/5] Fix markdownlint command pattern for better shell compatibility Co-authored-by: Malcolmnixon <1863707+Malcolmnixon@users.noreply.github.com> --- AGENTS.md | 2 +- CONTRIBUTING.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/AGENTS.md b/AGENTS.md index 8cd8575..83439ac 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -98,7 +98,7 @@ dotnet pack cspell "**/*.{md,cs}" # Run markdown linter (requires npm install -g markdownlint-cli) -markdownlint "**/*.md" +markdownlint *.md # Format code dotnet format diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 9f67923..67c3d6a 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -117,7 +117,7 @@ dotnet format --verify-no-changes cspell "**/*.{md,cs}" # (Optional) Run markdown linter if you modified markdown files -markdownlint "**/*.md" +markdownlint *.md ``` All builds must complete with zero warnings, and all tests must pass. From c8aee2d26682a9603f3cd6d319efbcb5424d6e09 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 17 Dec 2025 21:08:22 +0000 Subject: [PATCH 4/5] Address review feedback: remove Recent Improvements section and restore glob patterns - Remove "Recent Improvements" section from ARCHITECTURE.md per feedback - Restore "**/*.md" glob pattern in AGENTS.md for recursive markdown linting - Restore "**/*.md" glob pattern in CONTRIBUTING.md for recursive markdown linting Co-authored-by: Malcolmnixon <1863707+Malcolmnixon@users.noreply.github.com> --- AGENTS.md | 2 +- ARCHITECTURE.md | 14 -------------- CONTRIBUTING.md | 2 +- 3 files changed, 2 insertions(+), 16 deletions(-) diff --git a/AGENTS.md b/AGENTS.md index 83439ac..8cd8575 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -98,7 +98,7 @@ dotnet pack cspell "**/*.{md,cs}" # Run markdown linter (requires npm install -g markdownlint-cli) -markdownlint *.md +markdownlint "**/*.md" # Format code dotnet format diff --git a/ARCHITECTURE.md b/ARCHITECTURE.md index 60c4f04..7981a68 100644 --- a/ARCHITECTURE.md +++ b/ARCHITECTURE.md @@ -113,20 +113,6 @@ The library is designed to be extended in several ways: 2. **Additional Metadata**: The model could be extended to support additional metadata fields 3. **Alternative Serializers**: Additional serializers could be added for other test result formats (NUnit, xUnit, etc.) -## Recent Improvements - -### Serializer Refactoring (PR #28) - -The serializers were refactored to improve code quality and maintainability: - -- **Method Extraction**: Complex `Serialize` and `Deserialize` methods were split into smaller, focused helper methods -- **Constant Extraction**: Repeated string literals were extracted as private constants, reducing duplication and improving maintainability -- **Documentation**: All private helper methods now have comprehensive XML documentation -- **Type Optimization**: Parameter types were optimized for better performance where appropriate -- **Complexity Reduction**: Cognitive complexity was reduced by breaking down large methods into logical units - -These improvements make the codebase easier to understand, test, and maintain while preserving all existing functionality. - ## Quality Attributes ### Reliability diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 67c3d6a..9f67923 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -117,7 +117,7 @@ dotnet format --verify-no-changes cspell "**/*.{md,cs}" # (Optional) Run markdown linter if you modified markdown files -markdownlint *.md +markdownlint "**/*.md" ``` All builds must complete with zero warnings, and all tests must pass. From bf1650c51d7354d025f4abfb8a8f8df15859ffa6 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 17 Dec 2025 21:34:05 +0000 Subject: [PATCH 5/5] Fix markdown linting errors and remove conflicting CodeQL workflow - Fix line length issues in ARCHITECTURE.md (lines 95, 97, 98) - Remove CodeQL workflow that conflicts with default setup - Repository uses GitHub's default CodeQL setup instead of custom workflow Co-authored-by: Malcolmnixon <1863707+Malcolmnixon@users.noreply.github.com> --- .github/workflows/codeql.yaml | 54 ----------------------------------- ARCHITECTURE.md | 9 ++++-- 2 files changed, 6 insertions(+), 57 deletions(-) delete mode 100644 .github/workflows/codeql.yaml diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml deleted file mode 100644 index 379a40d..0000000 --- a/.github/workflows/codeql.yaml +++ /dev/null @@ -1,54 +0,0 @@ ---- -name: "CodeQL Security Scanning" - -on: - push: - branches: [ "main" ] - pull_request: - branches: [ "main" ] - schedule: - # Run at 5:00 AM UTC every Monday - - cron: '0 5 * * 1' - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ 'csharp' ] - - steps: - - name: Checkout repository - uses: actions/checkout@v6 - - - name: Setup .NET - uses: actions/setup-dotnet@v5 - with: - dotnet-version: | - 8.x - 9.x - 10.x - - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - queries: security-and-quality - - - name: Restore dependencies - run: dotnet restore - - - name: Build - run: dotnet build --no-restore --configuration Release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 - with: - category: "/language:${{matrix.language}}" diff --git a/ARCHITECTURE.md b/ARCHITECTURE.md index 7981a68..2090b31 100644 --- a/ARCHITECTURE.md +++ b/ARCHITECTURE.md @@ -92,10 +92,13 @@ The `JUnitSerializer` class is responsible for converting between the domain mod ## Design Patterns - **Data Transfer Object (DTO)**: The `TestResults` and `TestResult` classes serve as DTOs for test data -- **Serializer Pattern**: The `TrxSerializer` and `JUnitSerializer` classes encapsulate all serialization/deserialization logic +- **Serializer Pattern**: The `TrxSerializer` and `JUnitSerializer` classes encapsulate all + serialization/deserialization logic - **Builder Pattern**: The API allows for fluent construction of test results -- **Helper Method Extraction**: Complex serialization/deserialization logic is broken down into focused helper methods, each handling a specific portion of the XML structure -- **Constant Extraction**: Repeated string literals are extracted as private constants to improve maintainability and reduce duplication +- **Helper Method Extraction**: Complex serialization/deserialization logic is broken down into focused helper + methods, each handling a specific portion of the XML structure +- **Constant Extraction**: Repeated string literals are extracted as private constants to improve maintainability + and reduce duplication ## File Organization