Release 1.0.0: remove support for Python 3.6, 3.7; fix linting errors#5
Conversation
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
Warning Review the following alerts detected in dependencies. According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.
|
| fail-fast: false | ||
| matrix: | ||
| python-version: [3.7, 3.8, 3.9] | ||
| python-version: [ "3.8", "3.9", "3.10", "3.11", "3.12", "3.13", "3.14" ] |
There was a problem hiding this comment.
seems like 3.8 & 3.9 are also eol https://endoflife.date/python should we remove those as well?
There was a problem hiding this comment.
I think I would keep these for now, since they are still available in GitHub runners.
…quests requirement
| .PHONY: install test | ||
| clean: | ||
| rm -rf .venv | ||
| mise deps |
There was a problem hiding this comment.
Clean target wrong mise command
Medium Severity
The new clean target removes .venv then runs mise deps, but this project’s .mise.toml only configures a Python venv and tasks—no mise deps providers. That command does not recreate the venv or reinstall pip install -e '.[test]', so make clean leaves local dev without the environment the PR documents.
Reviewed by Cursor Bugbot for commit c761e31. Configure here.
There was a problem hiding this comment.
mise deps does actually recreate the venv. That's why I included it in this make target.
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
There are 3 total unresolved issues (including 1 from previous review).
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 7673d4e. Configure here.
| flake8 --max-complexity=10 --statistics --exit-zero customerio/analytics | ||
|
|
||
| lint-ci: | ||
| pylint --rcfile=.pylintrc --exit-zero --fail-on=E customerio/analytics |
There was a problem hiding this comment.
Pylint CI never fails
Medium Severity
The new lint-ci target passes both --exit-zero and --fail-on=E to pylint. --exit-zero forces a zero exit status even when errors are reported, so the Lint workflow can pass while pylint reports E-level issues, undermining the split lint CI gate.
Reviewed by Cursor Bugbot for commit 7673d4e. Configure here.
There was a problem hiding this comment.
--fail-on=E seems to take precedence over --exit-zero, as seen in this failed lint run: https://github.com/customerio/cdp-analytics-python/actions/runs/28161429326/job/83402638737
| .PHONY: install test | ||
| lint: | ||
| pylint --rcfile=.pylintrc --reports=y --exit-zero customerio/analytics | ||
| flake8 --max-complexity=10 --statistics --exit-zero customerio/analytics |
There was a problem hiding this comment.
Invalid flake8 exit-zero flag
Medium Severity
The local lint target adds --exit-zero to the flake8 command. Flake8 3.7.x does not define that option (unlike pylint), so flake8 typically exits with an unrecognized-argument error and make lint / mise run lint fails before reporting style issues.
Reviewed by Cursor Bugbot for commit 7673d4e. Configure here.
There was a problem hiding this comment.
Back in reality, this does not happen, and the command completes successfully with flake 3.7.9.
…ndling Add customerio/__init__.py so pylint can resolve the package hierarchy. Fix raise-missing-from, return-in-finally, and import ordering warnings. Fix RuntimeError formatting bug where %-placeholders were not interpolated. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
|
|
||
| [settings] | ||
| python.uv_venv_auto = false | ||
| python.venv_stdlib = true |
There was a problem hiding this comment.
Prefer using venv over uv, and ensure that pip is installed in the venv.


Changes:
__init__.py, import ordering, exception handlingcustomerio/__init__.pyso pylint can resolve the package hierarchy.RuntimeErrorformatting bug where %-placeholders were not interpolated.Note
Medium Risk
Breaking change for users on Python 3.6/3.7 and a major version bump; dependency floor changes install behavior, though application logic changes are small.
Overview
Major release 1.0.0 drops Python 3.6/3.7 (
python_requires>=3.8) and raisesrequeststo>=2.32.4(and related pins) for security fixes. Version is bumped in.bumpversion.cfgandversion.py.CI and local dev are reworked: a dedicated Lint workflow runs
make lint-ci; tests no longer run pylint/flake8. The test matrix covers 3.8–3.14 withfail-fast: false, and GitHub Actions use checkout/setup-python v6. mise (.mise.toml) and.venvin.gitignoresupport local workflows;Makefileaddslint,lint-ci, andclean.Small runtime fixes: oversized-message
RuntimeErrorinclient.pyuses correct formatting;consumer.pyreturns upload success outsidefinally;request.pychainsValueErrorwhen buildingAPIError. README doc URLs are updated.Reviewed by Cursor Bugbot for commit ddc5d6a. Bugbot is set up for automated code reviews on this repo. Configure here.