Conversation
There was a problem hiding this comment.
Pull request overview
This PR introduces a typed dependency-injection container (SimpleContainer) with singleton/transient/request-scoped lifetimes, and adds packaging + a Docker/Pipenv-based dev/test/release workflow around the library.
Changes:
- Add
SimpleContainerimplementation, request-scope lifecycle helpers, andInject/ContainerRegistryintegration. - Add unit tests validating singleton, transient, and request-scoped behavior.
- Add repository scaffolding for packaging, CI, pre-commit, and Docker-based development.
Reviewed changes
Copilot reviewed 25 out of 34 changed files in this pull request and generated 9 comments.
Show a summary per file
| File | Description |
|---|---|
| VERSION | Adds package version source file. |
| tests/container/test_simple_container.py | Adds unit tests for container scopes and request-scope lifecycle. |
| tests/container/init.py | Marks test package. |
| tests/init.py | Marks test package. |
| simple_container/utilities/logger/log_levels.py | Adds env-driven log level config and per-source levels. |
| simple_container/utilities/logger/init.py | Marks logger utilities package. |
| simple_container/utilities/init.py | Marks utilities package. |
| simple_container/py.typed | Declares typed package for type checkers. |
| simple_container/container/simple_container.py | Implements IoC container with singleton/transient/request-scoped resolution. |
| simple_container/container/interfaces.py | Defines container protocols and factory types. |
| simple_container/container/inject.py | Adds Inject[T] dependency helper with improved error handling. |
| simple_container/container/container_registry.py | Adds global container registry and async override context. |
| simple_container/container/init.py | Marks container package. |
| simple_container/init.py | Marks top-level package. |
| setup.py | Adds setuptools packaging configuration. |
| setup.cfg | Adds pytest/mypy/flake8 configuration. |
| README.md | Expands project docs (quickstart/common tasks/publishing). |
| pre-commit.Dockerfile | Adds containerized pre-commit runner image. |
| pre-commit-hook | Adds git hook script to run pre-commit via Docker. |
| Pipfile.lock | Locks dev toolchain dependencies. |
| Pipfile | Declares dev dependencies and pipenv-setup category. |
| MANIFEST.in | Defines sdist inclusion list. |
| Makefile | Adds Docker-based dev/test/build/publish targets. |
| LICENSE | Adds Apache 2.0 license text. |
| Dockerfile | Adds multi-stage Docker build for dev/runtime with pipenv sync. |
| docker.env | Adds env file placeholder for TWINE_PASSWORD. |
| docker-compose.yml | Adds dev service definition. |
| CONTRIBUTING.md | Adds contributor workflow docs. |
| .pre-commit-config.yaml | Adds pre-commit hooks (ruff/format/mypy/bandit/etc.). |
| .gitignore | Adds Python + tooling ignores. |
| .github/workflows/python-publish.yml | Adds release-driven PyPI publish workflow. |
| .github/workflows/build_and_test.yml | Adds CI workflow for pre-commit + dockerized pytest. |
| .github/copilot-instructions.md | Adds repo-specific Copilot review instructions. |
| .dockerignore | Adds docker build context excludes. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| "License :: OSI Approved :: Apache Software License", | ||
| "Operating System :: OS Independent", | ||
| ], | ||
| python_requires=">=3.10", |
| import pytest | ||
| from _pytest.logging import LogCaptureFixture | ||
|
|
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
![aikido-pr-checks[bot]](https://avatars.githubusercontent.com/in/898896?s=60&v=4){kind=small}
| RUN pipenv sync --dev --system --verbose --extra-pip-args="--prefer-binary" | ||
|
|
||
| # Create necessary directories and list their contents (for debugging and verification) | ||
| RUN mkdir -p /usr/local/lib/python3.12/site-packages && ls -halt /usr/local/lib/python3.12/site-packages |
There was a problem hiding this comment.
Remove or gate the RUN ls -halt debug commands in the Dockerfile; avoid leaving build-time debug listings.
| RUN mkdir -p /usr/local/lib/python3.12/site-packages && ls -halt /usr/local/lib/python3.12/site-packages | |
| RUN mkdir -p /usr/local/lib/python3.12/site-packages |
Details
✨ AI Reasoning
Dockerfile contains RUN ls -halt lines added for debugging during image build. These produce noisy build output and are typical debug artifacts that should be removed or gated behind build args before committing.
Reply @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.
Reply @AikidoSec ignore: [REASON] to ignore this issue.
More info
| # ============================================================================ | ||
|
|
||
| # Store a mapping of request_id -> instances | ||
| _request_scope_storage: ContextVar[Dict[str, Dict[type[Any], Any]] | None] = ContextVar( |
There was a problem hiding this comment.
Module-level ContextVar _request_scope_storage stores per-request instances via a shared mutable dict; this can persist request data across requests if lifecycle management fails. Initialize per-request storage without a module-level mutable dict or ensure strict cleanup.
Details
✨ AI Reasoning
The code introduces module-level storage for request-scoped instances using ContextVar objects that are then populated with a mutable dict. Although ContextVar isolates context, storing a shared mutable dict at module scope and placing it into the ContextVar (via set) can lead to accidental cross-request retention if end_request_scope isn't called or the dict is reused across contexts. This is a newly added pattern that makes request-specific instance storage live at module scope and therefore could leak data between requests or threads if lifecycle calls are missed.
🔧 How do I fix it?
Avoid storing request-specific data in module-level variables. Use request-scoped variables or explicitly mark shared caches as intentional.
Reply @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.
Reply @AikidoSec ignore: [REASON] to ignore this issue.
More info
| return getattr(t, "__name__", repr(t)) | ||
|
|
||
|
|
||
| class ContainerError(Exception): |
There was a problem hiding this comment.
This module defines multiple top-level classes (ContainerError, ServiceNotFoundError, RequestScopeNotActiveError, SimpleContainer). Separate exceptions from the container into dedicated files to improve organization.
Details
✨ AI Reasoning
This file contains multiple top-level classes: ContainerError, ServiceNotFoundError, RequestScopeNotActiveError, and SimpleContainer. Combining exceptions and the primary container implementation in one file reduces clarity and makes navigation harder, since these types have different responsibilities.
🔧 How do I fix it?
Move each class to its own file with a matching filename. Keep related helper classes as private inner classes when appropriate.
Reply @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.
Reply @AikidoSec ignore: [REASON] to ignore this issue.
More info
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
| # Check and print system and Python platform information (for debugging) | ||
| RUN python -c "import platform; print(platform.platform()); print(platform.architecture())" | ||
| RUN python -c "import sys; print(sys.platform, sys.version, sys.maxsize > 2**32)" | ||
|
|
||
| # Debug pip installation and list installed packages with verbosity | ||
| RUN pip debug --verbose | ||
| RUN pip list -v |
There was a problem hiding this comment.
Remove or make conditional the RUN python -c debug prints in the Dockerfile; avoid shipping build-time introspection output.
Show fix
| # Check and print system and Python platform information (for debugging) | |
| RUN python -c "import platform; print(platform.platform()); print(platform.architecture())" | |
| RUN python -c "import sys; print(sys.platform, sys.version, sys.maxsize > 2**32)" | |
| # Debug pip installation and list installed packages with verbosity | |
| RUN pip debug --verbose | |
| RUN pip list -v |
Details
✨ AI Reasoning
Dockerfile uses RUN python -c statements that print platform and sys info during image build. These are ad-hoc debug outputs and can clutter build logs or leak environment details; they should be removed or made conditional.
Reply @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.
Reply @AikidoSec ignore: [REASON] to ignore this issue.
More info
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: aikido-pr-checks[bot] <169896070+aikido-pr-checks[bot]@users.noreply.github.com>
… scope management
This PR introduces a typed dependency-injection container (SimpleContainer) with singleton/transient/request-scoped lifetimes, and adds packaging + a Docker/Pipenv-based dev/test/release workflow around the library.
Changes:
Add SimpleContainer implementation, request-scope lifecycle helpers, and Inject/ContainerRegistry integration.
Add unit tests validating singleton, transient, and request-scoped behavior.
Add repository scaffolding for packaging, CI, pre-commit, and Docker-based development.
(Extracted from oidc-auth-lib)