Python Style Guide
Apply this checklist when writing or reviewing Python code.
Trigger Reference
- •Use
references/trigger-matrix.mdas the canonical trigger and co-activation matrix. - •Resolve skill activation from changed files with
python3 scripts/resolve_style_guides.py <changed-path>...when automation is available. - •Validate trigger matrix consistency with
python3 scripts/validate_trigger_matrix_sync.py.
Architecture and module boundaries
Quality Gate Reference
- •Use
references/quality-gate-command-matrix.mdfor CI check-only vs local autofix command mapping.
- •Keep modules cohesive and focused on one responsibility.
- •Isolate side effects (I/O, network, DB) behind clear interfaces.
- •Keep orchestration layers thin and move business rules into domain modules.
- •Avoid circular imports by keeping dependency direction explicit.
Naming and code structure
- •Follow PEP 8 naming conventions (
snake_case,PascalCase,UPPER_CASEconstants). - •Write small functions with explicit inputs/outputs.
- •Replace magic numbers with named constants that include units (
REQUEST_TIMEOUT_SECONDS). - •Add short comments only where intent is non-obvious.
Typing and data modeling
- •Add type hints for public functions, methods, and complex locals.
- •Prefer explicit models (
dataclass,TypedDict, Pydantic model) over loose dicts. - •Avoid
Anyunless unavoidable and justified inline. - •Define precise protocols/interfaces for pluggable dependencies.
Error handling and control flow
- •Raise specific exception types with actionable messages.
- •Catch exceptions intentionally at boundaries and preserve causal chains.
- •Avoid broad
except Exceptionunless rethrowing after required cleanup/logging. - •Do not suppress failures with silent fallback logic by default.
Configuration and environment
- •Parse and validate configuration at startup.
- •Fail startup when required environment variables are missing.
- •Do not hardcode fallback defaults for required environment variables.
- •Keep secrets in secret managers or injected environment, never in code.
Security and compliance
- •Validate untrusted input at boundaries.
- •Use parameterized DB queries; never build SQL with string concatenation.
- •Avoid unsafe deserialization and command execution with unchecked input.
- •Redact secrets and sensitive fields from logs.
Performance and efficiency
- •Measure bottlenecks before optimizing (
cProfile, tracing, metrics). - •Avoid N+1 data access patterns and repeated expensive computation.
- •Stream large datasets instead of loading everything into memory.
- •Use bounded retries/backoff with named constants.
Testing and verification
- •Add unit tests for core logic and integration tests for boundaries.
- •Cover edge cases: invalid data, timeout, retry exhaustion, concurrency hazards.
- •Add regression tests for every bug fix.
- •Document manual verification when automation cannot cover behavior.
Observability and operations
- •Use structured logs with trace/request IDs.
- •Emit metrics for latency, throughput, and errors.
- •Normalize exception-to-error response mapping at API boundaries.
- •Ensure alertable signals exist for critical failure paths.
CI required quality gates (check-only)
- •Run
uv run ruff format --check .. - •Run
uv run ruff check .. - •Run
uv run mypy .(or project type checker equivalent). - •Run
uv run pytest -q.
Optional autofix commands (local)
- •Run
uv run ruff format .. - •Run
uv run ruff check --fix .for safe lint autofixes, then re-run checks.