- Add PathValidator class for preventing path traversal attacks
- Add SecureSubprocessRunner for safe command execution
- Replace unsafe XML parsing with defusedxml for security
- Add comprehensive input validation tools for circuit generation
- Include security dependencies (defusedxml, bandit) in pyproject.toml
- Add security scanning job to CI/CD pipeline
- Add comprehensive test coverage for security utilities
- Add timeout constants for safe operation limits
- Add boundary validation for component positioning

This establishes a strong security foundation for the KiCad MCP server
by implementing defense-in-depth security measures across all input
vectors and external process interactions.

🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>

- Add GitHub Actions CI/CD workflow with multi-OS testing (Ubuntu, macOS)
- Add pyproject.toml for modern Python packaging with hatchling
- Add pre-commit hooks for code quality (ruff, mypy, trailing whitespace)
- Add Makefile for common development tasks (install, test, lint, format, build)
- Add run_tests.py script for comprehensive test execution
- Update requirements.txt with development dependencies
- Update .gitignore for modern Python tooling (uv, ruff, pytest)
- Add KiCad-specific ignore patterns for backup files

This establishes a robust development workflow with:
- Automated testing on Python 3.10, 3.11, 3.12
- Code formatting and linting with ruff
- Type checking with mypy
- Coverage reporting with pytest-cov
- Package building with uv

🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>