diff --git a/.github/actions/check-dead-code/action.yaml b/.github/actions/check-dead-code/action.yaml new file mode 100644 index 000000000..0e595052b --- /dev/null +++ b/.github/actions/check-dead-code/action.yaml @@ -0,0 +1,19 @@ +name: "Check Dead Code" +description: "Runs Vulture to detect unused Python code." + +runs: + using: "composite" + steps: + - name: Set up Python + uses: actions/setup-python@v6 + with: + python-version: "3.13" + + - name: Install dependencies + shell: bash + run: make dependencies install-python + + - name: Run Vulture + shell: bash + run: poetry run vulture + diff --git a/.github/workflows/stage-1-commit.yaml b/.github/workflows/stage-1-commit.yaml index 36a15737d..86c53ed5c 100644 --- a/.github/workflows/stage-1-commit.yaml +++ b/.github/workflows/stage-1-commit.yaml @@ -157,3 +157,13 @@ jobs: uses: actions/checkout@v6 - name: "Run OWASP Dependency Scan" uses: ./.github/actions/owasp-dependency-scan + check-dead-code: + name: "Check for dead code" + runs-on: ubuntu-latest + timeout-minutes: 2 + steps: + - name: "Checkout code" + uses: actions/checkout@v6 + - name: "Check for dead code" + uses: ./.github/actions/check-dead-code + diff --git a/Makefile b/Makefile index 4cd4d9fc1..342b5c14b 100644 --- a/Makefile +++ b/Makefile @@ -28,6 +28,9 @@ format: ## Format and fix code format_lint: format lint +vulture: + poetry run vulture + #Files to loop over in release _dist_include="pytest.ini poetry.lock poetry.toml pyproject.toml Makefile build/. tests" @@ -52,7 +55,7 @@ config:: # Configure development environment (main) @Configuration # TODO: Use only 'make' targets that are specific to this project, e.g. you may not need to install Node.js make _install-dependencies -precommit: test-unit build test-integration lint ## Pre-commit tasks +precommit: test-unit build test-integration lint vulture ## Pre-commit tasks python -m this # ============================================================================== diff --git a/poetry.lock b/poetry.lock index c59d3c799..bace7d18e 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 2.2.1 and should not be changed by hand. +# This file is automatically @generated by Poetry 2.1.4 and should not be changed by hand. [[package]] name = "aiohappyeyeballs" @@ -3170,6 +3170,18 @@ h2 = ["h2 (>=4,<5)"] socks = ["pysocks (>=1.5.6,!=1.5.7,<2.0)"] zstd = ["backports-zstd (>=1.0.0) ; python_version < \"3.14\""] +[[package]] +name = "vulture" +version = "2.14" +description = "Find dead code" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "vulture-2.14-py2.py3-none-any.whl", hash = "sha256:d9a90dba89607489548a49d557f8bac8112bd25d3cbc8aeef23e860811bd5ed9"}, + {file = "vulture-2.14.tar.gz", hash = "sha256:cb8277902a1138deeab796ec5bef7076a6e0248ca3607a3f3dee0b6d9e9b8415"}, +] + [[package]] name = "wcwidth" version = "0.2.13" @@ -3456,4 +3468,4 @@ propcache = ">=0.2.1" [metadata] lock-version = "2.1" python-versions = "^3.13" -content-hash = "c5064b43e402173391286c84cff772c1776fdf816a8fbd229cfdafa26da4b456" +content-hash = "4456e8d9141a4581c9fc2a1bda3c779fe194359c2d5a1588fe180563afb9b2b6" diff --git a/pyproject.toml b/pyproject.toml index 4fbaa3f8e..086a0ebce 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -63,6 +63,8 @@ python-dotenv = "^1.2.1" openapi-spec-validator = "^0.7.2" pip-licenses = "^5.5.0" cachetools = "^7.0.1" +vulture = "^2.14" + [tool.poetry-plugin-lambda-build] docker-image = "public.ecr.aws/sam/build-python3.13:1.139-x86_64" # See https://gallery.ecr.aws/search?searchTerm=%22python%22&architecture=x86-64&popularRegistries=amazon&verified=verified&operatingSystems=Linux @@ -114,3 +116,8 @@ exclude_lines = [ "if TYPE_CHECKING:", "raise NotImplementedError", ] + +[tool.vulture] +min_confidence = 80 +paths = ["src/", "tests/"] +ignore_names = ["secretsmanager_client", "consumer_*", "rule_processor_instance"]