Miyamura80 · Miyamura80 · Jan 26, 2026 · Jan 26, 2026 · Jan 26, 2026 · Jan 26, 2026
@@ -0,0 +1,12 @@
+version: 2
+updates:
+  - package-ecosystem: "uv"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 5
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 5
@@ -58,7 +58,7 @@ jobs:
         echo "GEMINI_API_KEY=${{ secrets.GEMINI_API_KEY }}" >> $GITHUB_ENV
     - name: Run fast tests
       run: |
-        make test_fast
+        uv run pytest -n auto --durations=10 -m "not slow and not nondeterministic" tests/
     - name: Run flaky test detection
       run: |
         make test_flaky
@@ -0,0 +1,14 @@
+# Security Policy
+
+## Supported Versions
+
+Security updates apply to the latest version on the main branch.
+
+## Reporting a Vulnerability
+
+If you discover a security issue, please use one of the following:
+
+1) Open a private GitHub Security Advisory for this repository.
+2) If advisories are unavailable, open a regular issue with minimal details and request a private channel.
+
+Please include a clear description, steps to reproduce, and any known impact.
@@ -0,0 +1,23 @@
+# Privacy and Data Handling
+
+This repository is a template and does not include production data collection by default. If you add data handling to your implementation, follow these guidelines.
+
+## Data Minimization
+
+- Collect only what you need.
+- Avoid storing sensitive data unless required.
+
+## Secrets and Credentials
+
+- Store secrets in `.env` (or a secrets manager), never in code.
+- Do not log API keys, tokens, or user identifiers.
+
+## Logging
+
+- Treat logs as sensitive.
+- Redact or hash identifiers before logging.
+
+## Third-Party Services
+
+- Document any external processors and what data they receive.
+- Ensure their retention and deletion policies match your requirements.
@@ -11,6 +11,7 @@ dependencies = [
     "python-dotenv>=1.0.1",
     "human-id>=0.2.0",
     "pytest>=8.3.3",
+    "pytest-xdist>=3.6.1",
     "termcolor>=2.4.0",
     "loguru>=0.7.3",
     "vulture>=2.14",
@@ -47,6 +48,14 @@ target-version = "py312"
 select = ["E", "F", "W", "I", "N", "UP", "B", "C4", "SIM"]
 ignore = ["E501", "UP015", "B008"]
 
+[tool.ty]
+
+[tool.ty.rules]
+possibly-unresolved-reference = "error"
+
+[tool.ty.terminal]
+error-on-warning = true
+
 [tool.ty.environment]
 python-version = "3.12"
 

@@ -3,7 +3,7 @@ markers =
     slow: marks tests as slow
     nondeterministic: marks tests as nondeterministic
     slow_and_nondeterministic: marks tests as both slow and nondeterministic
-addopts = --cov=src --cov=common --cov=utils --cov-report=term-missing --cov-fail-under=20
+addopts = -n auto --durations=10 --cov=src --cov=common --cov=utils --cov-report=term-missing --cov-fail-under=20
 env =
     DEV_ENV = dev
     OPENAI_API_KEY=test_api_key

@@ -1,4 +1,5 @@
 import threading
+from typing import Any, cast
 
 from tests.test_template import TestTemplate
 
@@ -12,14 +13,15 @@ def test_concurrent_setup_logging_initializes_once(self):
         logging_module._logging_initialized = False
 
         call_count = 0
-        original_remove = logging_module.logger.remove
+        logger_any = cast(Any, logging_module.logger)
+        original_remove = logger_any.remove
 
         def counting_remove(*args, **kwargs):
             nonlocal call_count
             call_count += 1
             return original_remove(*args, **kwargs)
 
-        logging_module.logger.remove = counting_remove
+        logger_any.remove = counting_remove
 
         barrier = threading.Barrier(10)
         errors = []
@@ -38,7 +40,7 @@ def call_setup():
             t.join(timeout=10)
 
         # Restore original
-        logging_module.logger.remove = original_remove
+        logger_any.remove = original_remove
 
         assert not errors, f"Errors during concurrent setup: {errors}"
         assert (