From 083ef288046a210223cbd74e7b61fe7a5e9adb7f Mon Sep 17 00:00:00 2001 From: Ryan Petrello Date: Fri, 27 Mar 2026 14:14:32 -0400 Subject: [PATCH] feat: add python-wheel-build/fromager to leaderboard Score: 75.8/100 (Gold) Repository: https://github.com/python-wheel-build/fromager --- .../2026-03-27T18-14-28-assessment.json | 675 ++++++++++++++++++ 1 file changed, 675 insertions(+) create mode 100644 submissions/python-wheel-build/fromager/2026-03-27T18-14-28-assessment.json diff --git a/submissions/python-wheel-build/fromager/2026-03-27T18-14-28-assessment.json b/submissions/python-wheel-build/fromager/2026-03-27T18-14-28-assessment.json new file mode 100644 index 00000000..c5c68123 --- /dev/null +++ b/submissions/python-wheel-build/fromager/2026-03-27T18-14-28-assessment.json @@ -0,0 +1,675 @@ +{ + "schema_version": "1.0.0", + "metadata": { + "agentready_version": "2.30.1", + "research_version": "1.0.1", + "assessment_timestamp": "2026-03-27T14:11:25.505753", + "assessment_timestamp_human": "March 27, 2026 at 2:11 PM", + "executed_by": "rpetrell@rpetrell-mac", + "command": "/Users/rpetrell/venvs/agentready/bin/agentready assess ./fromager --config agentready-config.yml", + "working_directory": "/Users/rpetrell/dev/agentready" + }, + "repository": { + "path": "/Users/rpetrell/dev/agentready/fromager", + "name": "fromager", + "url": "https://github.com/python-wheel-build/fromager", + "branch": "main", + "commit_hash": "472e16a3d8aef134d8addfb37d1a96bec420d303", + "languages": { + "Markdown": 10, + "YAML": 28, + "Python": 106, + "Shell": 47, + "JSON": 4, + "TOML": 6 + }, + "total_files": 274, + "total_lines": 45392 + }, + "timestamp": "2026-03-27T14:11:25.505753", + "overall_score": 75.8, + "certification_level": "Gold", + "attributes_assessed": 16, + "attributes_skipped": 2, + "attributes_total": 18, + "findings": [ + { + "attribute": { + "id": "claude_md_file", + "name": "CLAUDE.md Configuration Files", + "category": "Context Window Optimization", + "tier": 1, + "description": "Project-specific configuration for Claude Code", + "criteria": "CLAUDE.md file exists in repository root", + "default_weight": 0.1 + }, + "status": "pass", + "score": 100.0, + "measured_value": "present", + "threshold": "present", + "evidence": [ + "CLAUDE.md found at /Users/rpetrell/dev/agentready/fromager/CLAUDE.md", + "Symlink to AGENTS.md (6877 bytes)", + "AGENTS.md also present (cross-tool compatibility)" + ], + "remediation": null, + "error_message": null + }, + { + "attribute": { + "id": "readme_structure", + "name": "README Structure", + "category": "Documentation Standards", + "tier": 1, + "description": "Well-structured README with key sections", + "criteria": "README.md with installation, usage, and development sections", + "default_weight": 0.1 + }, + "status": "pass", + "score": 100.0, + "measured_value": "3/3 sections", + "threshold": "3/3 sections", + "evidence": [ + "Found 3/3 essential sections", + "Installation: \u2713", + "Usage: \u2713", + "Development: \u2713" + ], + "remediation": null, + "error_message": null + }, + { + "attribute": { + "id": "type_annotations", + "name": "Type Annotations", + "category": "Code Quality", + "tier": 1, + "description": "Type hints in function signatures", + "criteria": ">80% of functions have type annotations", + "default_weight": 0.1 + }, + "status": "pass", + "score": 100.0, + "measured_value": "99.8%", + "threshold": "\u226580%", + "evidence": [ + "Typed functions: 878/880", + "Coverage: 99.8%" + ], + "remediation": null, + "error_message": null + }, + { + "attribute": { + "id": "standard_layout", + "name": "Standard Project Layouts", + "category": "Repository Structure", + "tier": 1, + "description": "Follows standard project structure for language", + "criteria": "Standard directories (src/ or project-named, tests/) present", + "default_weight": 0.1 + }, + "status": "pass", + "score": 100.0, + "measured_value": "2/2 directories", + "threshold": "2/2 directories", + "evidence": [ + "Found 2/2 standard directories", + "src/: \u2713", + "tests/: \u2713" + ], + "remediation": null, + "error_message": null + }, + { + "attribute": { + "id": "lock_files", + "name": "Dependency Pinning for Reproducibility", + "category": "Dependency Management", + "tier": 1, + "description": "Dependencies pinned to exact versions in lock files", + "criteria": "Lock file with pinned versions, updated within 6 months", + "default_weight": 0.1 + }, + "status": "fail", + "score": 0.0, + "measured_value": "none", + "threshold": "lock file with pinned versions", + "evidence": [ + "No dependency lock files found" + ], + "remediation": { + "summary": "Add lock file for dependency reproducibility", + "steps": [ + "For npm: run 'npm install' (generates package-lock.json)", + "For Python: use 'pip freeze > requirements.txt' or poetry", + "For Ruby: run 'bundle install' (generates Gemfile.lock)" + ], + "tools": [ + "npm", + "pip", + "poetry", + "bundler" + ], + "commands": [ + "npm install # npm", + "pip freeze > requirements.txt # Python", + "poetry lock # Python with Poetry" + ], + "examples": [], + "citations": [] + }, + "error_message": null + }, + { + "attribute": { + "id": "dependency_security", + "name": "Dependency Security & Vulnerability Scanning", + "category": "Security", + "tier": 1, + "description": "Security scanning tools configured for dependencies and code", + "criteria": "Dependabot, Renovate, CodeQL, or SAST tools configured; secret detection enabled", + "default_weight": 0.04 + }, + "status": "pass", + "score": 35, + "measured_value": "Security tools configured: Dependabot", + "threshold": "\u226560 points (Dependabot/Renovate + SAST or multiple scanners)", + "evidence": [ + "\u2713 Dependabot configured for dependency updates", + " 1 package ecosystem(s) monitored" + ], + "remediation": { + "summary": "Add more security scanning tools for comprehensive coverage", + "steps": [ + "Enable Dependabot alerts in GitHub repository settings (or configure Renovate: add renovate.json to repository root)", + "Add CodeQL scanning workflow for SAST", + "Configure secret detection (detect-secrets, gitleaks)", + "Set up language-specific scanners (pip-audit, npm audit, Snyk)" + ], + "tools": [ + "Dependabot", + "Renovate", + "CodeQL", + "detect-secrets", + "pip-audit", + "npm audit" + ], + "commands": [ + "gh repo edit --enable-security", + "pip install detect-secrets # Python secret detection", + "npm audit # JavaScript dependency audit" + ], + "examples": [ + "# .github/dependabot.yml\nversion: 2\nupdates:\n - package-ecosystem: pip\n directory: /\n schedule:\n interval: weekly" + ], + "citations": [ + { + "source": "OWASP", + "title": "Dependency-Check Project", + "url": "https://owasp.org/www-project-dependency-check/", + "relevance": "Open-source tool for detecting known vulnerabilities in dependencies" + }, + { + "source": "GitHub", + "title": "Dependabot Documentation", + "url": "https://docs.github.com/en/code-security/dependabot", + "relevance": "Official guide for configuring automated dependency updates and security alerts" + } + ] + }, + "error_message": null + }, + { + "attribute": { + "id": "gitignore_completeness", + "name": ".gitignore Completeness", + "category": "Git & Version Control", + "tier": 2, + "description": "Comprehensive .gitignore file with language-specific patterns", + "criteria": ".gitignore exists and includes language-specific patterns from GitHub templates", + "default_weight": 0.03 + }, + "status": "pass", + "score": 83.33333333333334, + "measured_value": "10/12 patterns", + "threshold": "\u226570% of language-specific patterns", + "evidence": [ + ".gitignore found (4505 bytes)", + "Pattern coverage: 10/12 (83%)", + "Missing 2 recommended patterns" + ], + "remediation": null, + "error_message": null + }, + { + "attribute": { + "id": "one_command_setup", + "name": "One-Command Build/Setup", + "category": "Build & Development", + "tier": 2, + "description": "Single command to set up development environment from fresh clone", + "criteria": "Single command (make setup, npm install, etc.) documented prominently", + "default_weight": 0.03 + }, + "status": "fail", + "score": 60, + "measured_value": "multi-step setup", + "threshold": "single command", + "evidence": [ + "No clear setup command found in README", + "Setup automation found: pyproject.toml", + "Setup instructions in prominent location" + ], + "remediation": { + "summary": "Create single-command setup for development environment", + "steps": [ + "Choose setup automation tool (Makefile, setup script, or package manager)", + "Create setup command that handles all dependencies", + "Document setup command prominently in README (Quick Start section)", + "Ensure setup is idempotent (safe to run multiple times)", + "Test setup on fresh clone to verify it works" + ], + "tools": [ + "make", + "npm", + "pip", + "poetry" + ], + "commands": [ + "# Example Makefile", + "cat > Makefile << 'EOF'", + ".PHONY: setup", + "setup:", + "\tpython -m venv venv", + "\t. venv/bin/activate && pip install -r requirements.txt", + "\tpre-commit install", + "\tcp .env.example .env", + "\t@echo 'Setup complete! Run make test to verify.'", + "EOF" + ], + "examples": [ + "# Quick Start section in README\n\n## Quick Start\n\n```bash\nmake setup # One command to set up development environment\nmake test # Run tests to verify setup\n```\n" + ], + "citations": [ + { + "source": "freeCodeCamp", + "title": "Using make for project automation", + "url": "https://www.freecodecamp.org/news/want-to-know-the-easiest-way-to-save-time-use-make/", + "relevance": "Guide to using Makefiles for one-command setup" + } + ] + }, + "error_message": null + }, + { + "attribute": { + "id": "file_size_limits", + "name": "File Size Limits", + "category": "Context Window Optimization", + "tier": 2, + "description": "Files are reasonably sized for AI context windows", + "criteria": "<5% of files >500 lines, no files >1000 lines", + "default_weight": 0.03 + }, + "status": "fail", + "score": 41.96261682242991, + "measured_value": "3 huge, 10 large out of 107", + "threshold": "<5% files >500 lines, 0 files >1000 lines", + "evidence": [ + "Found 3 files >1000 lines (2.8% of 107 files)", + "Largest: src/fromager/bootstrapper.py (1392 lines)" + ], + "remediation": { + "summary": "Refactor large files into smaller, focused modules", + "steps": [ + "Identify files >1000 lines", + "Split into logical submodules", + "Extract classes/functions into separate files", + "Maintain single responsibility principle" + ], + "tools": [ + "refactoring tools", + "linters" + ], + "commands": [], + "examples": [ + "# Split large file:\n# models.py (1500 lines) \u2192 models/user.py, models/product.py, models/order.py" + ], + "citations": [] + }, + "error_message": null + }, + { + "attribute": { + "id": "separation_of_concerns", + "name": "Separation of Concerns", + "category": "Code Organization", + "tier": 2, + "description": "Code organized with single responsibility per module", + "criteria": "Feature-based organization, cohesive modules, low coupling", + "default_weight": 0.03 + }, + "status": "pass", + "score": 96.32075471698113, + "measured_value": "organization:100, cohesion:88, naming:100", + "threshold": "\u226575 overall", + "evidence": [ + "Good directory organization (feature-based or flat)", + "File cohesion: 13/106 files >500 lines", + "No catch-all modules (utils.py, helpers.py) detected" + ], + "remediation": null, + "error_message": null + }, + { + "attribute": { + "id": "concise_documentation", + "name": "Concise Documentation", + "category": "Documentation", + "tier": 2, + "description": "Documentation maximizes information density while minimizing token consumption", + "criteria": "README <500 lines with clear structure, bullet points over prose", + "default_weight": 0.03 + }, + "status": "fail", + "score": 64.0, + "measured_value": "77 lines, 8 headings, 9 bullets", + "threshold": "<500 lines, structured format", + "evidence": [ + "README length: 77 lines (excellent)", + "Heading density: 10.4 per 100 lines (target: 3-5)", + "Only 9 bullet points (prefer bullets over prose)" + ], + "remediation": { + "summary": "Make documentation more concise and structured", + "steps": [ + "Break long README into multiple documents (docs/ directory)", + "Add clear Markdown headings (##, ###) for structure", + "Convert prose paragraphs to bullet points where possible", + "Add table of contents for documents >100 lines", + "Use code blocks instead of describing commands in prose", + "Move detailed content to wiki or docs/, keep README focused" + ], + "tools": [], + "commands": [ + "# Check README length", + "wc -l README.md", + "", + "# Count headings", + "grep -c '^#' README.md" + ], + "examples": [ + "# Good: Concise with structure\n\n## Quick Start\n```bash\npip install -e .\nagentready assess .\n```\n\n## Features\n- Fast repository scanning\n- HTML and Markdown reports\n- 25 agent-ready attributes\n\n## Documentation\nSee [docs/](docs/) for detailed guides.\n", + "# Bad: Verbose prose\n\nThis project is a tool that helps you assess your repository\nagainst best practices for AI-assisted development. It works by\nscanning your codebase and checking for various attributes that\nmake repositories more effective when working with AI coding\nassistants like Claude Code...\n\n[Many more paragraphs of prose...]\n" + ], + "citations": [ + { + "source": "ArXiv", + "title": "LongCodeBench: Evaluating Coding LLMs at 1M Context Windows", + "url": "https://arxiv.org/abs/2501.00343", + "relevance": "Research showing performance degradation with long contexts" + }, + { + "source": "Markdown Guide", + "title": "Basic Syntax", + "url": "https://www.markdownguide.org/basic-syntax/", + "relevance": "Best practices for Markdown formatting" + } + ] + }, + "error_message": null + }, + { + "attribute": { + "id": "inline_documentation", + "name": "Inline Documentation", + "category": "Documentation", + "tier": 2, + "description": "Function, class, and module-level documentation using language-specific conventions", + "criteria": "\u226580% of public functions/classes have docstrings", + "default_weight": 0.03 + }, + "status": "fail", + "score": 63.626126126126124, + "measured_value": "50.9%", + "threshold": "\u226580%", + "evidence": [ + "Documented items: 452/888", + "Coverage: 50.9%", + "Many public functions/classes lack docstrings" + ], + "remediation": { + "summary": "Add docstrings to public functions and classes", + "steps": [ + "Identify functions/classes without docstrings", + "Add PEP 257 compliant docstrings for Python", + "Add JSDoc comments for JavaScript/TypeScript", + "Include: description, parameters, return values, exceptions", + "Add examples for complex functions", + "Run pydocstyle to validate docstring format" + ], + "tools": [ + "pydocstyle", + "jsdoc" + ], + "commands": [ + "# Install pydocstyle", + "pip install pydocstyle", + "", + "# Check docstring coverage", + "pydocstyle src/", + "", + "# Generate documentation", + "pip install sphinx", + "sphinx-apidoc -o docs/ src/" + ], + "examples": [ + "# Python - Good docstring\ndef calculate_discount(price: float, discount_percent: float) -> float:\n \"\"\"Calculate discounted price.\n\n Args:\n price: Original price in USD\n discount_percent: Discount percentage (0-100)\n\n Returns:\n Discounted price\n\n Raises:\n ValueError: If discount_percent not in 0-100 range\n\n Example:\n >>> calculate_discount(100.0, 20.0)\n 80.0\n \"\"\"\n if not 0 <= discount_percent <= 100:\n raise ValueError(\"Discount must be 0-100\")\n return price * (1 - discount_percent / 100)\n", + "// JavaScript - Good JSDoc\n/**\n * Calculate discounted price\n *\n * @param {number} price - Original price in USD\n * @param {number} discountPercent - Discount percentage (0-100)\n * @returns {number} Discounted price\n * @throws {Error} If discountPercent not in 0-100 range\n * @example\n * calculateDiscount(100.0, 20.0)\n * // Returns: 80.0\n */\nfunction calculateDiscount(price, discountPercent) {\n if (discountPercent < 0 || discountPercent > 100) {\n throw new Error(\"Discount must be 0-100\");\n }\n return price * (1 - discountPercent / 100);\n}\n" + ], + "citations": [ + { + "source": "Python.org", + "title": "PEP 257 - Docstring Conventions", + "url": "https://peps.python.org/pep-0257/", + "relevance": "Python docstring standards" + }, + { + "source": "TypeScript", + "title": "TSDoc Reference", + "url": "https://tsdoc.org/", + "relevance": "TypeScript documentation standard" + } + ] + }, + "error_message": null + }, + { + "attribute": { + "id": "cyclomatic_complexity", + "name": "Cyclomatic Complexity Thresholds", + "category": "Code Quality", + "tier": 3, + "description": "Cyclomatic complexity thresholds enforced", + "criteria": "Average complexity <10, no functions >15", + "default_weight": 0.03 + }, + "status": "pass", + "score": 100.0, + "measured_value": "3.5", + "threshold": "<10.0", + "evidence": [ + "Average cyclomatic complexity: 3.5" + ], + "remediation": null, + "error_message": null + }, + { + "attribute": { + "id": "cicd_pipeline_visibility", + "name": "CI/CD Pipeline Visibility", + "category": "Testing & CI/CD", + "tier": 3, + "description": "Clear, well-documented CI/CD configuration files", + "criteria": "CI config with descriptive names, caching, parallelization", + "default_weight": 0.015 + }, + "status": "fail", + "score": 70, + "measured_value": "basic config", + "threshold": "CI with best practices", + "evidence": [ + "CI config found: .github/workflows/python-publish.yaml, .github/workflows/test.yaml, .github/workflows/check.yaml", + "Descriptive job/step names found", + "No caching detected", + "No parallelization detected", + "Config includes comments" + ], + "remediation": { + "summary": "Add or improve CI/CD pipeline configuration", + "steps": [ + "Create CI config for your platform (GitHub Actions, GitLab CI, etc.)", + "Define jobs: lint, test, build", + "Use descriptive job and step names", + "Configure dependency caching", + "Enable parallel job execution", + "Upload artifacts: test results, coverage reports", + "Add status badge to README" + ], + "tools": [ + "github-actions", + "gitlab-ci", + "circleci" + ], + "commands": [ + "# Create GitHub Actions workflow", + "mkdir -p .github/workflows", + "touch .github/workflows/ci.yml", + "", + "# Validate workflow", + "gh workflow view ci.yml" + ], + "examples": [ + "# .github/workflows/ci.yml - Good example\n\nname: CI Pipeline\n\non:\n push:\n branches: [main]\n pull_request:\n branches: [main]\n\njobs:\n lint:\n name: Lint Code\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n\n - name: Set up Python\n uses: actions/setup-python@v5\n with:\n python-version: '3.11'\n cache: 'pip' # Caching\n\n - name: Install dependencies\n run: pip install -r requirements.txt\n\n - name: Run linters\n run: |\n black --check .\n isort --check .\n ruff check .\n\n test:\n name: Run Tests\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v4\n\n - name: Set up Python\n uses: actions/setup-python@v5\n with:\n python-version: '3.11'\n cache: 'pip'\n\n - name: Install dependencies\n run: pip install -r requirements.txt\n\n - name: Run tests with coverage\n run: pytest --cov --cov-report=xml\n\n - name: Upload coverage reports\n uses: codecov/codecov-action@v3\n with:\n files: ./coverage.xml\n\n build:\n name: Build Package\n runs-on: ubuntu-latest\n needs: [lint, test] # Runs after lint/test pass\n steps:\n - uses: actions/checkout@v4\n\n - name: Build package\n run: python -m build\n\n - name: Upload build artifacts\n uses: actions/upload-artifact@v3\n with:\n name: dist\n path: dist/\n" + ], + "citations": [ + { + "source": "GitHub", + "title": "GitHub Actions Documentation", + "url": "https://docs.github.com/en/actions", + "relevance": "Official GitHub Actions guide" + }, + { + "source": "CircleCI", + "title": "CI/CD Best Practices", + "url": "https://circleci.com/blog/ci-cd-best-practices/", + "relevance": "Industry best practices for CI/CD" + } + ] + }, + "error_message": null + }, + { + "attribute": { + "id": "semantic_naming", + "name": "Semantic Naming", + "category": "Code Quality", + "tier": 3, + "description": "Systematic naming patterns following language conventions", + "criteria": "Language conventions followed, avoid generic names", + "default_weight": 0.015 + }, + "status": "pass", + "score": 100.0, + "measured_value": "functions:100%, classes:100%", + "threshold": "\u226575% compliance", + "evidence": [ + "Functions: 356/356 follow snake_case (100.0%)", + "Classes: 34/34 follow PascalCase (100.0%)", + "No generic names (temp, data, obj) detected" + ], + "remediation": null, + "error_message": null + }, + { + "attribute": { + "id": "branch_protection", + "name": "Branch Protection Rules", + "category": "Git & Version Control", + "tier": 4, + "description": "Required status checks and review approvals before merging", + "criteria": "Branch protection enabled with status checks and required reviews", + "default_weight": 0.005 + }, + "status": "not_applicable", + "score": null, + "measured_value": null, + "threshold": null, + "evidence": [ + "Requires GitHub API integration for branch protection checks. Future implementation will verify: required status checks, required reviews, force push prevention, and branch update requirements." + ], + "remediation": null, + "error_message": null + }, + { + "attribute": { + "id": "code_smells", + "name": "Code Smell Elimination", + "category": "Code Quality", + "tier": 4, + "description": "Linter configuration for detecting code smells and anti-patterns", + "criteria": "Language-specific linters configured (pylint, ESLint, RuboCop, etc.)", + "default_weight": 0.01 + }, + "status": "pass", + "score": 66.66666666666666, + "measured_value": "pylint, ruff", + "threshold": "\u226560% of applicable linters configured", + "evidence": [ + "Linters configured: pylint, ruff", + "Coverage: 40/60 points (67%)" + ], + "remediation": null, + "error_message": null + }, + { + "attribute": { + "id": "container_setup", + "name": "Container/Virtualization Setup", + "category": "Build & Development", + "tier": 4, + "description": "Container configuration for consistent development environments", + "criteria": "Dockerfile/Containerfile, docker-compose.yml, .dockerignore, multi-stage builds", + "default_weight": 0.01 + }, + "status": "not_applicable", + "score": null, + "measured_value": null, + "threshold": null, + "evidence": [ + "Not applicable to ['Markdown', 'YAML', 'Python', 'Shell', 'JSON', 'TOML']" + ], + "remediation": null, + "error_message": null + } + ], + "config": { + "weights": {}, + "excluded_attributes": [ + "test_coverage", + "conventional_commits", + "architecture_decisions", + "structured_logging", + "openapi_specs", + "issue_pr_templates", + "precommit_hooks" + ], + "language_overrides": {}, + "output_dir": null, + "report_theme": "default", + "custom_theme": null + }, + "duration_seconds": 0.5, + "discovered_skills": [] +} \ No newline at end of file