riskratchet provides a mechanical way to enforce maintainability in Python code, analyzing function risk scores based on coverage gaps and complexity. It improves code quality by failing CI for risky changes and preventing complexity creep, enabling developers to focus on building robust applications without the 'complexity cop' burden.
Riskratchet: A Maintainability Ratchet for AI-assisted Python

Riskratchet is a powerful tool designed to enhance the maintainability of Python code by effectively managing risks associated with code complexity and testing. It systematically computes a per-function risk score based on several factors such as coverage gaps, cyclomatic complexity, and churn, ensuring that the risk level never increases beyond a predefined baseline.
Key Features
- Monitors and evaluates code maintainability metrics automatically during the CI process.
- Prevents the degradation of code quality by blocking commits or failing builds when risk scores rise above acceptable thresholds.
- Integrates with continuous integration workflows to promote a solid coding standard without manual oversight.
The Problem It Solves
AI coding agents excel at generating code that is functional; however, they often fall short in the following critical areas:
- Crafting meaningful tests for new code.
- Detecting unnoticed increases in function size and complexity.
- Identifying exposed functions in public APIs that lack sufficient test coverage.
- Recognizing when a minor refactor substantially complicates code.
Riskratchet addresses these challenges by serving as an automated safeguard, computing risk scores that highlight potential issues while allowing teams to maintain their focus on development.
Workflow Overview
- Install Riskratchet (use pip or run without installation):

  ```
  pip install riskratchet
  # or run without installing
  uvx riskratchet --help
  ```

- Run Tests with Coverage to generate a JSON report:

  ```
  pytest --cov --cov-report=json:coverage.json
  ```

- Create a Baseline that defines the current acceptable risk profile:

  ```
  riskratchet baseline src --coverage coverage.json --output .riskratchet.json
  ```

- Scan Code for risks based on the established profile:

  ```
  riskratchet scan src --coverage coverage.json
  ```

- Check for Regressions after a commit:

  ```
  riskratchet check src --coverage coverage.json --baseline .riskratchet.json
  ```

The `check` command returns `1` for regressions, `2` for usage errors, and `0` for a successful run.
The GitHub Action Integration
Riskratchet offers seamless integration as a GitHub Action, making it easy to include in pull request workflows. It automatically checks for quality violations and provides insightful comments directly on PRs to inform contributors of any issues:
```yaml
# .github/workflows/riskratchet.yml
on: [pull_request]
jobs:
  riskratchet:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: KayhanB21/riskratchet@v0.2.13
        with:
          coverage: coverage.json
```
Advanced Scoring System
The Riskratchet scoring system evaluates each function based on six components:
| Component | Weight | Description |
|---|---|---|
| Coverage Gap | 30% | Measures the percentage of untested lines in a function. |
| Structural Complexity | 25% | Evaluates the cyclomatic complexity of the function. |
| Branch Gap | 15% | Assesses the percentage of untested branches. |
| Churn | 10% | Counts recent changes to a function within a specified timeframe. |
| Public Surface | 10% | Considers the impact of public functions on overall risk. |
| Sprawl | 10% | Analyzes function and file length relative to others. |
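To show how weights like these combine into a score and how a ratchet compares it with a baseline, here is an added sketch; it is not Riskratchet's own code. It assumes each component is already normalised to [0, 1] and combined linearly, and `risk_score`, `ratchet_check`, `new_function_limit`, and the sample function `pkg.parse` are hypothetical names. The exit codes follow the `check` command described above.

```python
# Added illustration: a weighted score plus a ratchet check. Not riskratchet's code.
# Assumptions: each component is pre-normalised to [0, 1] and combined linearly.

WEIGHTS = {  # percentages from the table above
    "coverage_gap": 30,
    "structural_complexity": 25,
    "branch_gap": 15,
    "churn": 10,
    "public_surface": 10,
    "sprawl": 10,
}


def risk_score(components):
    """Return a 0-100 score: the weighted sum of normalised components."""
    if set(components) != set(WEIGHTS):
        raise ValueError(f"expected components {sorted(WEIGHTS)}")
    for name, value in components.items():
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"{name}={value} is outside [0, 1]")
    return round(sum(WEIGHTS[n] * components[n] for n in WEIGHTS), 2)


def ratchet_check(baseline, current, new_function_limit=50.0):
    """Compare per-function scores; return (exit_code, regressions).

    baseline/current map a function name to its score. A function regresses
    when its score exceeds its baseline entry; a function absent from the
    baseline is held to new_function_limit (a hypothetical policy knob).
    Functions deleted since the baseline cannot regress and are ignored.
    """
    regressions = []
    for name, score in sorted(current.items()):
        allowed = baseline.get(name, new_function_limit)
        if score > allowed:
            regressions.append((name, allowed, score))
    return (1 if regressions else 0), regressions


# Constructed sample data: one function before and after a change.
BEFORE = {"coverage_gap": 0.2, "structural_complexity": 0.4, "branch_gap": 0.5,
          "churn": 0.1, "public_surface": 1.0, "sprawl": 0.3}
AFTER = dict(BEFORE, coverage_gap=0.6, structural_complexity=0.6)

if __name__ == "__main__":
    baseline = {"pkg.parse": risk_score(BEFORE)}
    code, found = ratchet_check(baseline, {"pkg.parse": risk_score(AFTER)})
    for name, allowed, score in found:
        print(f"REGRESSION {name}: {allowed} -> {score}")
    raise SystemExit(code)
```

With the constructed data, losing test coverage and adding branches moves the same function's score above its baseline entry, so the check exits non-zero.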
Conclusion
Riskratchet is an essential tool for Python developers aiming to maintain a high standard of code quality while leveraging AI-assisted coding. By effectively identifying and managing risks associated with complexity and testing, it empowers teams to focus on innovation rather than administrative oversight. Explore more on the PyPI project page and start improving code maintainability today.