chore: audit follow-ups — redis set(ex=), v1.5.0 docs sync, requirements.txt header#95
Merged
Merged
Conversation
`Redis.setex` is `@deprecated_function` in redis-py 8.0.0 ("Use 'set'
instead") and emits a DeprecationWarning from the query-cache hot path on
every cached write. Switch `QueryCache.set` to `set(key, value, ex=ttl)`,
which is behaviorally identical (int seconds), and drop the now-unused
`timedelta` import.
All six in-repo Redis test doubles (unit cache/entity_cache/versioning,
integration tenant-isolation, chaos RESP client) implemented `setex`; they
move to `set(self, key, value, ex=None)` with the matching argument order,
and the chaos RESP client now issues `SET … EX` over the wire. The two
`set_calls` ttl assertions compare the integer `ex` directly.
Verified no-Docker: ruff + mypy clean, full unit suite 1096 passed / 1
skipped (the redis.setex DeprecationWarning is gone). The integration and
chaos doubles change symmetrically and are validated by their CI jobs.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The README Status section and release badge still described v1.4.0 as the current line even though v1.5.0 is tagged and published, and the CHANGELOG [Unreleased] section did not record the DV2 re-architecture already on main. - README: badge v1.4 -> v1.5, "current release line" -> v1.5.0, extend the release arc to five increments with a v1.5.0 bullet (argon2id O(1) key hashing, NL->SQL guard bypass fix, strict-mypy expansion), and add a note that main carries post-v1.5.0 work pending the next tag. - CHANGELOG [Unreleased]: document the DV2 raw vault migration ClickHouse -> PostgreSQL (#91), the PyIceberg sink backed by real MinIO (#92), the LISTEN/NOTIFY OLTP->vault freshness (#93), and the dependency batch (#94). - requirements.txt: add a header explaining it is a supplemental OTel pin set installed on top of the pyproject package by the e2e/mutation/staging workflows and the security Safety scan, not the full dependency set (pyproject.toml is the source of truth). load_requirements() skips comment lines and `pip -r` ignores them, so the header is non-breaking. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
DORA Metrics
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Follow-ups from the 2026-06-27 project audit. Three hygiene/consistency findings; no behavior change to the serving API.
fix(cache): redis
set(ex=)instead of deprecatedsetexRedis.setexis@deprecated_functionin redis-py 8.0.0 and emits a DeprecationWarning from the query-cache hot path on every cached write.QueryCache.setnow callsset(key, value, ex=ttl)(behaviorally identical) and drops the unusedtimedeltaimport. All six in-repo Redis test doubles (unit cache / entity_cache / versioning, integration tenant-isolation, chaos RESP client) migrate toset(self, key, value, ex=None); the chaos client issuesSET … EXover the wire.docs: version story → v1.5.0
README Status/badge still said v1.4.0 though v1.5.0 is tagged & published, and CHANGELOG
[Unreleased]did not record the DV2 re-architecture already onmain. Adds the v1.5.0 release bullet + a post-v1.5.0 note, and documents #91 (raw vault CH→PostgreSQL), #92 (PyIceberg → real MinIO), #93 (LISTEN/NOTIFY freshness), #94 (deps batch).docs: clarify
requirements.txtAdds a header explaining it is a supplemental OTel pin set (installed by the e2e/mutation/staging workflows and the security Safety scan on top of the pyproject package), not the full dependency set —
pyproject.tomlis the source of truth.Verification (no-Docker, local)
ruff check+ruff format --checkcleanmypy src/clean (99 files)redis.setexDeprecationWarning is goneIntegration (
tenant_isolation) and chaos (conftest) doubles change symmetrically and are exercised by their CI jobs in this PR.