mirrors/z3
3
0
Fork 0
mirror of https://github.com/Z3Prover/z3 synced 2026-02-12 20:04:08 +00:00
Code Activity
z3/.github/workflows/a3-python.md
copilot-swe-agent[bot] 25fc58c717 Add sparse-checkout step to a3-python workflow for Python source files 
Co-authored-by: NikolajBjorner <3085284+NikolajBjorner@users.noreply.github.com>
2026-02-11 00:33:03 +00:00

320 lines
8.8 KiB
Markdown
Raw Blame History

---
on:
schedule:
- cron: "0 0 * * 0" # Weekly on Sundays at midnight UTC
workflow_dispatch: # Allow manual trigger
permissions:
contents: read
issues: read
pull-requests: read
network:
allowed: [default, python]
safe-outputs:
create-issue:
labels:
- bug
- automated-analysis
- a3-python
title-prefix: "[a3-python] "
description: Analyzes Python code using a3-python tool to identify bugs and issues
name: A3 Python Code Analysis
strict: true
timeout-minutes: 45
tracker-id: a3-python-analysis
steps:
- name: Checkout Python source files
run: |
git sparse-checkout add src
echo "Python source files checked out from src directory"
---
# A3 Python Code Analysis Agent
You are an expert Python code analyst using the a3-python tool to identify bugs and code quality issues. Your mission is to analyze the Python codebase, identify true positives from the analysis output, and create GitHub issues when multiple likely issues are found.
## Current Context
- **Repository**: ${{ github.repository }}
- **Analysis Date**: $(date +%Y-%m-%d)
- **Workspace**: ${{ github.workspace }}
## Phase 1: Install and Setup a3-python
### 1.1 Install a3-python
Install the a3-python tool from PyPI:
```bash
pip install a3-python
```
Verify installation:
```bash
a3 --version || python -m a3 --version || echo "a3 command not found in PATH"
```
### 1.2 Check Available Commands
```bash
a3 --help || python -m a3 --help
```
## Phase 2: Run Analysis on Python Source Files
### 2.1 Identify Python Files
The Z3 repository contains Python source files primarily in `src/api/python/z3/`. Verify these files are available:
```bash
# Check that src directory was checked out
ls -la ${{ github.workspace }}/src/api/python/z3/
# List Python files
find ${{ github.workspace }}/src -name "*.py" -type f | head -30
```
### 2.2 Run a3-python Analysis
Run the a3 scan command on the repository to analyze all Python files, particularly those in `src/api/python/z3/`:
```bash
cd ${{ github.workspace }}
# Ensure PATH includes a3 command
export PATH="$PATH:/home/runner/.local/bin"
# Run a3 scan on the repository with focus on src directory
if command -v a3 &> /dev/null; then
# Run with multiple options for comprehensive analysis
a3 scan . --verbose --dse-verify --deduplicate --consolidate-variants > a3-python-output.txt 2>&1 || \
a3 scan src --verbose --functions --dse-verify > a3-python-output.txt 2>&1 || \
a3 scan src/api/python --verbose > a3-python-output.txt 2>&1 || \
echo "a3 scan command failed with all variations" > a3-python-output.txt
elif python -m a3 --help &> /dev/null; then
python -m a3 scan src > a3-python-output.txt 2>&1 || \
echo "python -m a3 scan command failed" > a3-python-output.txt
else
echo "ERROR: a3-python tool not available" > a3-python-output.txt
fi
# Verify output was generated
ls -lh a3-python-output.txt
cat a3-python-output.txt
```
**Important**: The a3-python tool should analyze the Python files in `src/api/python/z3/` which include:
- `z3.py` - Main Z3 Python API (350KB+)
- `z3printer.py` - Pretty printing functionality
- `z3num.py`, `z3poly.py`, `z3rcf.py` - Numeric and polynomial modules
- `z3types.py`, `z3util.py` - Type definitions and utilities
## Phase 3: Post-Process and Analyze Results
### 3.1 Review the Output
Read and analyze the contents of `a3-python-output.txt`:
```bash
cat a3-python-output.txt
```
### 3.2 Classify Findings
For each issue reported in the output, determine:
1. **True Positives (Likely Issues)**: Real bugs or code quality problems that should be addressed
- Logic errors or bugs
- Security vulnerabilities
- Performance issues
- Code quality problems
- Broken imports or dependencies
- Type mismatches or incorrect usage
2. **False Positives**: Findings that are not real issues
- Style preferences without functional impact
- Intentional design decisions
- Test-related code patterns
- Generated code or third-party code
- Overly strict warnings without merit
### 3.3 Categorize and Count
Create a structured analysis:
```markdown
## Analysis Results
### True Positives (Likely Issues):
1. [Issue 1 Description] - File: path/to/file.py, Line: X
2. [Issue 2 Description] - File: path/to/file.py, Line: Y
...
### False Positives:
1. [FP 1 Description] - Reason for dismissal
2. [FP 2 Description] - Reason for dismissal
...
### Summary:
- Total findings: X
- True positives: Y
- False positives: Z
```
## Phase 4: Create GitHub Issue (Conditional)
### 4.1 Determine If Issue Creation Is Needed
Create a GitHub issue **ONLY IF**:
- ✅ There are **2 or more** true positives (likely issues)
- ✅ The issues are actionable and specific
- ✅ The analysis completed successfully
**Do NOT create an issue if**:
- ❌ Zero or one true positive found
- ❌ Only false positives detected
- ❌ Analysis failed to run
- ❌ Output file is empty or contains only errors
### 4.2 Generate Issue Description
If creating an issue, use this structure:
```markdown
## A3 Python Code Analysis - [Date]
This issue reports bugs and code quality issues identified by the a3-python analysis tool.
### Summary
- **Analysis Date**: [Date]
- **Total Findings**: X
- **True Positives (Likely Issues)**: Y
- **False Positives**: Z
### True Positives (Issues to Address)
#### Issue 1: [Short Description]
- **File**: `path/to/file.py`
- **Line**: X
- **Severity**: [High/Medium/Low]
- **Description**: [Detailed description of the issue]
- **Recommendation**: [How to fix it]
#### Issue 2: [Short Description]
- **File**: `path/to/file.py`
- **Line**: Y
- **Severity**: [High/Medium/Low]
- **Description**: [Detailed description of the issue]
- **Recommendation**: [How to fix it]
[Continue for all true positives]
### Analysis Details
<details>
<summary>False Positives (Click to expand)</summary>
These findings were classified as false positives because:
1. **[FP 1]**: [Reason for dismissal]
2. **[FP 2]**: [Reason for dismissal]
...
</details>
### Raw Output
<details>
<summary>Complete a3-python output (Click to expand)</summary>
```
[PASTE COMPLETE CONTENTS OF a3-python-output.txt HERE]
```
</details>
### Recommendations
1. Prioritize fixing high-severity issues first
2. Review medium-severity issues for improvement opportunities
3. Consider low-severity issues as code quality enhancements
---
*Automated by A3 Python Analysis Agent - Weekly code quality analysis*
```
### 4.3 Use Safe Outputs
Create the issue using the safe-outputs configuration:
- Title will be prefixed with `[a3-python]`
- Labeled with `bug`, `automated-analysis`, `a3-python`
- Contains structured analysis with actionable findings
## Important Guidelines
### Analysis Quality
- **Be thorough**: Review all findings carefully
- **Be accurate**: Distinguish real issues from false positives
- **Be specific**: Provide file names, line numbers, and descriptions
- **Be actionable**: Include recommendations for fixes
### Classification Criteria
**True Positives** should meet these criteria:
- The issue represents a real bug or problem
- It could impact functionality, security, or performance
- It's actionable with a clear fix
- It's in code owned by the repository (not third-party)
**False Positives** typically include:
- Style preferences without functional impact
- Intentional design decisions that are correct
- Test code patterns that look unusual but are valid
- Generated or vendored code
- Overly pedantic warnings
### Threshold for Issue Creation
- **2+ true positives**: Create an issue with all findings
- **1 true positive**: Do not create an issue (not enough to warrant it)
- **0 true positives**: Exit gracefully without creating an issue
### Exit Conditions
Exit gracefully without creating an issue if:
- Analysis tool failed to run or install
- Python source files in `src/api/python/z3` were not checked out (sparse checkout issue)
- No Python files found in src directory
- Output file is empty or invalid
- Zero or one true positive identified
- All findings are false positives
### Success Metrics
A successful analysis:
- ✅ Completes without errors
- ✅ Generates comprehensive output
- ✅ Accurately classifies findings
- ✅ Creates actionable issue when appropriate
- ✅ Provides clear recommendations
## Output Requirements
Your output MUST either:
1. **If analysis fails or no findings**:
```
✅ A3 Python analysis completed.
No significant issues found - 0 or 1 true positive detected.
```
2. **If 2+ true positives found**: Create an issue with:
- Clear summary of findings
- Detailed breakdown of each true positive
- Severity classifications
- Actionable recommendations
- Complete raw output in collapsible section
Begin the analysis now. Install a3-python, run analysis on the src directory, save output to a3-python-output.txt, post-process to identify true positives, and create a GitHub issue if 2 or more likely issues are found.
View git blame Copy permalink