Python Library Review
Quick Health Check (5 min)
```bash
git clone https://github.com/user/package && cd package
cat pyproject.toml | head -50          # Modern config?
ls tests/ && pytest --collect-only     # Tests exist?
pytest --cov=package | tail -20        # Coverage?
pip install bandit && bandit -r src/   # Security?
```
Review Dimensions
| Area | Check For |
|---|---|
| Structure | src/ layout, py.typed marker |
| Packaging | pyproject.toml (not setup.py) |
| Code | Type hints, docstrings, no anti-patterns |
| Tests | 80%+ coverage, edge cases |
| Security | No secrets, input validation, pip-audit clean |
| Docs | README, API docs, changelog |
| API | Consistent naming, sensible defaults |
| CI/CD | Tests on PR, multi-Python, security scans |
Red Flags 🚩
- No tests
- No type hints
- setup.py only (no pyproject.toml)
- Pinned exact versions for all deps
- No LICENSE file
- Last commit > 1 year ago
Green Flags ✅
- Active maintenance (recent commits)
- High test coverage (>85%)
- Comprehensive CI/CD
- Type hints throughout
- Clear documentation
- Semantic versioning
Report Template
Library Review: [package]
Rating: [Excellent/Good/Needs Work/Significant Issues]
Strengths
- [Strength 1]
Areas for Improvement
- [Issue 1] - Severity: High/Medium/Low
Category Scores
| Category | Score |
|---|---|
| Structure | ⭐⭐⭐⭐⭐ |
| Testing | ⭐⭐⭐☆☆ |
| Security | ⭐⭐⭐⭐☆ |
Recommendations
- [High priority action]
- [Medium priority action]
For detailed checklists, see:
- CHECKLIST.md - Full review checklist
- REPORT_TEMPLATE.md - Complete report template
Best Practices Checklist
Essential:
- pyproject.toml valid
- Tests exist and pass
- README has install/usage
- LICENSE present
- No hardcoded secrets
Important:
- Type hints on public API
- CI runs tests on PRs
- Coverage > 70%
- Changelog maintained
Recommended:
- src/ layout
- py.typed marker
- Security scanning in CI
- Contributing guide
Learn More
This skill is based on the Guide to Developing High-Quality Python Libraries by Will McGinnis. See the full guide for detailed quality criteria and best practices across all dimensions of library development.