gh-37: Improve type hints, test stability, and Dependabot/CI configuration in tooling

[Aasyaco]

gh-37: Improve type hints, test stability, Dependabot automation, and fork CI configuration

This PR collects non-functional, backward-compatible enhancements to boost developer productivity and maintenance quality in the zrsx/cpython repository:

• Precise type annotations for better mypy/pyright compatibility.
• Fixes for test flakiness, lint warnings, and edge-case errors.
• Dependabot workflow upgrades (weekly checks + auto-rebasing).
• Fork-specific CI/governance tweaks (workflow unlocks, team-based CODEOWNERS).

No runtime impact — zero changes to interpreter behavior, standard library semantics, or user-facing APIs. All modifications are confined to test support code, tooling (Clinic), configuration files, and GitHub Actions.

Detailed Changes by Category

Type Hinting & Static Analysis

• Added explicit type hint for orig_threading_excepthook in Lib/test/libregrtest/utils.py: Callable[[threading.ExceptHookArgs], None] | None.
• Properly exposed the cpp submodule from Tools/clinic/libclinic/__init__.py (import + __all__ entry) to satisfy type checkers.

Test Stability & Lint Fixes

• Resolved lint issues (formatting, whitespace) in test_ci_fuzz_stdlib.
• Fixed potential UnboundLocalError in the same test by proper variable initialization and path validation.

Dependabot & Dependency Automation

• Enabled explicit auto-rebasing with rebase-strategy: "auto".
• Switched update frequency from monthly to weekly for timelier dependency/security PRs.

Fork CI & Organization Maintenance

• Unlocked PR labeling workflow to run on zrsx-owned repositories.
• Unlocked stale issue/PR job for zrsx repositories.
• Centralized CODEOWNERS ownership to the @zrsx/core-dev team (replacing individual usernames).

Commits Included
(Exactly the commits requested, listed chronologically with short hashes):

1. 7ff33af — misc: unlock PR labeling workflow for zrsx repositories
   7ff33af

2. 2a42c53 — misc: unlock stale job for zrsx repositories
   2a42c53

3. 8228c84 — bpo: Fix lint issues in test_ci_fuzz_stdlib
   8228c84

4. af67a0a — bpo: Fix UnboundLocalError in test_ci_fuzz_stdlib
   af67a0a

5. a1d5ba9 — bpo: expose libclinic.cpp and update all for mypy
   a1d5ba9

6. de303b6 — Fix: Add type hint for orig_threading_excepthook
   de303b6

7. 20a4948 — chore: enable explicit auto-rebasing in dependabot configuration
   20a4948

8. 87bc392 — chore(dependabot): change update schedule from monthly to weekly
   87bc392

9. 60d1043 — chore(CODEOWNERS): replace individual usernames with @zrsx/core-dev team
   60d1043

Testing

• ./python -m test (full regrtest suite) passes cleanly.
• mypy runs with no new errors or regressions from the type hints.
• No additional test cases needed — fixes are targeted at existing code paths.

Documentation

• No user-facing changes, deprecations, features, or security fixes.
• No entries required in Doc/whatsnew/ or NEWS.d (or Misc/NEWS.d).
• These are internal developer tooling, test infrastructure, and repository configuration improvements only. Per CPython contribution guidelines, such changes do not warrant changelog documentation unless they affect users, build processes, or introduce visible behavior shifts.

Issue
Closes gh-37.

Review Guidance
Focus on:

• Type hint accuracy and mypy satisfaction.
• No new test instability or overly broad exception handling.
• Dependabot config (weekly + auto-rebase should reduce maintainer burden).
• CODEOWNERS shift to team-based (intended for zrsx org scalability).

Thanks for the reviews and feedback — excited to get this landed!

-->

Summary by Sourcery

Tighten tooling type hints and testing behavior while updating repository-specific Dependabot and CI workflow configuration.

New Features:

• Expose the libclinic cpp submodule through the package all export list.

Bug Fixes:

• Make the compute_changes CI fuzzing test skip non-existent fuzzable files and provide clearer assertion messages.
• Narrow the type annotation for orig_threading_excepthook to the concrete threading.ExceptHookArgs signature.

CI:

• Increase Dependabot check frequency for GitHub Actions and tooling pip dependencies and enable automatic rebasing of its PRs.
• Adjust repository-owner conditions in PR label and stale-issue workflows to match this fork's organization.

Tests:

• Improve stability and diagnostics of the CI fuzzing coverage test for standard library files.

Summary by CodeRabbit

• Chores

  • Consolidated repository ownership metadata under a central core-dev group
  • Switched dependency update schedule to weekly and enabled auto-rebase
  • Updated CI workflow/stale job conditions to target the central repository owner

• Tests

  • Improved test robustness with safer file handling and clearer assertion messages
  • Tightened type annotations in test utilities for more accurate typing

• New Features

  • Exposed a new public submodule in the tooling API

[sourcery-ai]

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

Updates test tooling, CI workflows, Dependabot settings, and typing hints for improved reliability and project-local behavior.

Flow diagram for GitHub Actions workflow execution based on repository owner

flowchart TD
    Start["GitHub event (PR opened / scheduled run)"] --> CheckOwner{"Is github.repository_owner == 'zrsx'?"}

    CheckOwner -->|Yes| RunWorkflows["Run repository-local workflows\nrequire-pr-label.yml\nstale.yml"]
    CheckOwner -->|No| SkipWorkflows["Skip these workflows\n(no checks or stale handling)"]

    RunWorkflows --> End["Event handling complete"]
    SkipWorkflows --> End

Loading

File-Level Changes

Change	Details	Files
Harden CI fuzzing test to only run on existing fuzzable files and provide more informative assertion messages.	Initialize a candidate fuzzable file variable and only assign when the path is a directory with an existing 'file' entry or a regular file Skip loop iterations when no valid fuzzable file is found instead of passing a non-existent path to processing Augment assertions to include descriptive messages when CI fuzzing does not run or when a file is not recognized as fuzzable	Lib/test/test_tools/test_compute_changes.py
Tighten Dependabot configuration to check more frequently and automatically rebase dependency update PRs.	Change Dependabot schedule interval for GitHub Actions updates from monthly to weekly Change Dependabot schedule interval for pip updates under Tools from monthly to weekly Enable automatic rebase strategy for both GitHub Actions and pip ecosystems	.github/dependabot.yml
Adjust GitHub Actions workflows to be active only on the forked repository owner instead of the upstream python organization.	Update conditional expressions in require-pr-label workflow jobs to match the 'zrsx' repository owner Update conditional expression in stale workflow job to match the 'zrsx' repository owner	.github/workflows/require-pr-label.yml .github/workflows/stale.yml
Expose the libclinic cpp submodule at the package level.	Add 'cpp' to the all export list so that it can be imported directly from Tools.clinic.libclinic	Tools/clinic/libclinic/__init__.py
Improve typing for the original threading excepthook reference used by libregrtest.	Narrow orig_threading_excepthook type from a generic Callable to Callable[[threading.ExceptHookArgs], None] to better match threading excepthook signature	Lib/test/libregrtest/utils.py

Possibly linked issues

• Improve type precision in libregrtest excepthook, export clinic.cpp module in __all__, enhance Dependabot update frequency and rebasing, and fix test_compute_changes logic #37: They match exactly: same files and concerns—excepthook typing, cpp export, Dependabot weekly+rebase, tests, CI tweaks.

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: c8e48bda-66b8-43d7-80f1-0e2a0f75eff3

📥 Commits

Reviewing files that changed from the base of the PR and between fd13427 and 662bb91.

📒 Files selected for processing (1)

• .github/CODEOWNERS

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/CODEOWNERS

---

📝 Walkthrough

Walkthrough

Reassigns CODEOWNERS entries to the zrsx/core-dev group, tightens a threading-excepthook type annotation, exposes Tools/clinic/libclinic.cpp, makes Dependabot run weekly with auto-rebase, adjusts workflow owner checks to zrsx, and adds guards and clearer messages in a fuzzing-related test.

Changes

Cohort / File(s)	Summary
Ownership & repo metadata /.github/CODEOWNERS	Consolidates many ownership entries to @zrsx/core-dev, adjusts exclusions and ownership blocks; some lines use backtick-wrapped owner tokens.
Dependabot config /.github/dependabot.yml	Changes schedules from monthly to weekly for targeted entries and adds rebase-strategy: "auto" under cooldown.
Workflows /.github/workflows/require-pr-label.yml, /.github/workflows/stale.yml	Replaces repository_owner checks from python to zrsx in workflow conditions.
Tests Lib/test/test_tools/test_compute_changes.py	Adds existence check when resolving library fuzzer file paths and supplies explicit msg= on assertions for clearer failures.
Test utils type Lib/test/libregrtest/utils.py	Adds import threading and refines orig_threading_excepthook annotation to `Callable[[threading.ExceptHookArgs], None]
Clinic tools API Tools/clinic/libclinic/__init__.py	Imports the local cpp submodule and adds "cpp" to __all__ to expose it in the public API.

Sequence Diagram(s)

(Skipped — changes are configuration, typing, small API exposure, and test guards; no new multi-component control flow introduced.)

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• gh-37: Improve type hints, test stability, and Dependabot/CI configuration in tooling #36 — Overlapping edits across CODEOWNERS, workflows, typing, clinic exports, and Dependabot settings.
• Bump CI tooling and testing dependencies in /Tools #24 — Related edits exposing Tools/clinic/libclinic.cpp and the orig_threading_excepthook type change.
• config: expand Dependabot to multi-branch weekly updates #9 — Similar Dependabot schedule and rebase/cooldown changes in .github/dependabot.yml.

Suggested labels

dependencies, type-bug, type-refactor, skip news, awaiting review

Suggested reviewers

• Ansyso
• plfj

Poem

🐰 I hopped through CODEOWNERS with glee,
Gave cpp a name and fixed a type for me,
Dependabot now wakes each week,
Workflows check zrsx when they peek,
Tests now guard paths — a tidy spree. 🥕

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main changes: type hints improvements, test stability fixes, and Dependabot/CI configuration updates. It directly aligns with all major file modifications in the changeset.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sourcery-ai]

Hey - I've found 1 issue, and left some high level feedback:

• You’ve added "cpp" to libclinic.all but don’t appear to bind a cpp symbol in this package; consider importing or defining libclinic.cpp so that from Tools.clinic.libclinic import * doesn’t expose a missing attribute.
• Now that orig_threading_excepthook is annotated as Callable[[threading.ExceptHookArgs], None] | None, it would be good to update regrtest_threading_excepthook’s signature to accept a typed args: threading.ExceptHookArgs for consistency and better type checking.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- You’ve added "cpp" to libclinic.__all__ but don’t appear to bind a cpp symbol in this package; consider importing or defining libclinic.cpp so that `from Tools.clinic.libclinic import *` doesn’t expose a missing attribute.
- Now that orig_threading_excepthook is annotated as `Callable[[threading.ExceptHookArgs], None] | None`, it would be good to update `regrtest_threading_excepthook`’s signature to accept a typed `args: threading.ExceptHookArgs` for consistency and better type checking.

## Individual Comments

### Comment 1
<location path="Lib/test/test_tools/test_compute_changes.py" line_range="60-61" />
<code_context>
+                            f = candidate
                     elif p.is_file():
                         f = p
+                    if f is None:
+                        continue
                     result = process_changed_files({f})
-                    self.assertTrue(result.run_ci_fuzz_stdlib)
</code_context>
<issue_to_address>
**suggestion (testing):** Avoid silently skipping all `LIBRARY_FUZZER_PATHS` and weakening the test’s guarantee

With the new `continue` when `f is None`, this test can now pass even if none of the `LIBRARY_FUZZER_PATHS` yield an existing fuzzable file, whereas before a missing file would fail the test and catch CI fuzz config issues.

To keep the test stable but still meaningful, either:
- Track whether at least one `f` was found and `self.fail`/assert after the loop if none were, or
- Fail immediately when an expected path has no fuzzable file instead of `continue`-ing.

This preserves the test’s ability to detect configuration drift rather than becoming a no-op when nothing is found.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

suggestion (testing): Avoid silently skipping all LIBRARY_FUZZER_PATHS and weakening the test’s guarantee

With the new continue when f is None, this test can now pass even if none of the LIBRARY_FUZZER_PATHS yield an existing fuzzable file, whereas before a missing file would fail the test and catch CI fuzz config issues.

To keep the test stable but still meaningful, either:

• Track whether at least one f was found and self.fail/assert after the loop if none were, or
• Fail immediately when an expected path has no fuzzable file instead of continue-ing.

This preserves the test’s ability to detect configuration drift rather than becoming a no-op when nothing is found.

[coderabbitai]

🧹 Nitpick comments (1)

Lib/test/libregrtest/utils.py (1)

14-14: Improved type precision.

The type annotation Callable[[threading.ExceptHookArgs], None] is more accurate than Callable[..., None] and properly documents the expected callback signature.

Note: The local import threading at line 174 inside setup_threading_excepthook() is now redundant since threading is imported at module level. Consider removing it.

♻️ Optional: Remove redundant local import

 def setup_threading_excepthook() -> None:
     global orig_threading_excepthook
-    import threading
     orig_threading_excepthook = threading.excepthook
     threading.excepthook = regrtest_threading_excepthook

Also applies to: 154-154

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@Lib/test/libregrtest/utils.py` at line 14, Update the type annotation for the
threading exception hook from a generic Callable[..., None] to
Callable[[threading.ExceptHookArgs], None] to precisely document the expected
callback signature (look for the variable/parameter annotated with Callable in
utils.py and in setup_threading_excepthook). Also remove the redundant local
"import threading" inside setup_threading_excepthook() since threading is
already imported at module scope. Ensure any type references use
threading.ExceptHookArgs so the signature is accurate.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@Lib/test/libregrtest/utils.py`:
- Line 14: Update the type annotation for the threading exception hook from a
generic Callable[..., None] to Callable[[threading.ExceptHookArgs], None] to
precisely document the expected callback signature (look for the
variable/parameter annotated with Callable in utils.py and in
setup_threading_excepthook). Also remove the redundant local "import threading"
inside setup_threading_excepthook() since threading is already imported at
module scope. Ensure any type references use threading.ExceptHookArgs so the
signature is accurate.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 881e1f22-2b00-426b-ab5a-60881b5a2583

📥 Commits

Reviewing files that changed from the base of the PR and between e0f7c10 and 72a5c97.

📒 Files selected for processing (7)

• .github/CODEOWNERS
• .github/dependabot.yml
• .github/workflows/require-pr-label.yml
• .github/workflows/stale.yml
• Lib/test/libregrtest/utils.py
• Lib/test/test_tools/test_compute_changes.py
• Tools/clinic/libclinic/__init__.py

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

.github/CODEOWNERS (1)

651-651: Align adjacent comment with current owner mapping.

Line 651 now assigns .mailmap to @zrsx/core-dev, but the nearby comment still mentions @python/email-team. Please update the comment to avoid confusion.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/CODEOWNERS at line 651, Update the adjacent human-readable comment
near the .mailmap entry so it reflects the new owner mapping: replace any
mention of `@python/email-team` with `@zrsx/core-dev` so the comment matches the
actual CODEOWNERS line that assigns .mailmap to `@zrsx/core-dev`; ensure the
comment references the .mailmap entry and retains original phrasing/formatting
aside from the owner change.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/CODEOWNERS:
- Line 135: Remove the stray merge marker "=======" from the CODEOWNERS file:
locate the literal line containing "=======" (currently present on line with the
unresolved merge artifact) and delete it so the file contains only valid
CODEOWNERS patterns and comments; ensure no other leftover merge markers (e.g.,
"<<<<<<<" or ">>>>>>>") remain and run a quick validation of the file after
editing.

---

Nitpick comments:
In @.github/CODEOWNERS:
- Line 651: Update the adjacent human-readable comment near the .mailmap entry
so it reflects the new owner mapping: replace any mention of `@python/email-team`
with `@zrsx/core-dev` so the comment matches the actual CODEOWNERS line that
assigns .mailmap to `@zrsx/core-dev`; ensure the comment references the .mailmap
entry and retains original phrasing/formatting aside from the owner change.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 98f17070-038d-4030-806b-92dd80c98889

📥 Commits

Reviewing files that changed from the base of the PR and between 72a5c97 and db3d224.

📒 Files selected for processing (3)

• .github/CODEOWNERS
• .github/dependabot.yml
• .github/workflows/stale.yml

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/dependabot.yml

[Aasyaco]

@copilot