Conversation
adamjohnwright
added a commit
that referenced
this pull request
Apr 29, 2026
Dependencies (#9, #10): - Bumped pyarrow ^15→^17, python-dotenv ^1.0.1→^1.2.2, pytest ^8.4→^9.0 to clear 17 CVEs flagged by pip-audit. Refreshing the lock cleared another 6 transitive vulnerabilities (urllib3, certifi, pygments, filelock, virtualenv). - pytest 9 requires Python 3.10+; Python 3.9 reached EOL 2025-10-31, so bumped the project floor to 3.10. README and pyproject.toml updated. - Project-dep CVEs went from 23 → 0. Remaining 6 are in pip/setuptools themselves (env tooling, not project deps). Coverage (#11): - Added pytest-cov to the unit-tier CI step with a 40% floor (current unit coverage is 44%). The floor is intentionally below current to avoid false-positive failures on small reorganizations; it acts as a regression bar, not a target. Higher floors are warranted once the database/integration tiers can run in CI. Reactome version tracking (#12): - Bumped docker-compose Neo4j image Release94 → Release96 (the version the validation suite was actually run against — the old tag was drift). - Added tests/test_reactome_version.py: a database-tier sentinel that reads the loaded Neo4j's DBInfo.version and prints it into the test log. Doesn't pin to a specific version; just records what each run used so a Reactome-correlated regression is easy to spot. - Documented the upgrade workflow in README ("Tracking new Reactome releases" subsection) so bumping the image tag and re-running the database tier is the documented path forward. CI hygiene: - actions/checkout v3→v4, actions/setup-python v4→v5 in both workflows. - ruff workflow Python 3.9→3.12 (matches test.yml). - src/ ruff and mypy still clean; the existing tests/ ruff issues are pre-existing and not blocking (CI ruff job only checks src/ and bin/). - Fixed 3 small ruff issues in bin/ scripts (unused import, no-placeholder f-strings). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.