# OpenZIM MCP Development Makefile

.PHONY: help install install-dev install-hooks setup-dev check-tools test test-cov test-with-zim-data test-integration test-requires-zim-data test-live test-live-docker benchmark lint format type-check security download-test-data download-test-data-all list-test-data clean clean-test-data build publish publish-test run check ci

help:  ## Show this help message
	@uv run python scripts/generate_help.py

install:  ## Install production dependencies
	uv sync --no-dev

install-dev:  ## Install development dependencies
	uv sync

install-hooks:  ## Install pre-commit hooks
	@echo "Installing pre-commit hooks..."
	uv run pre-commit install
	@echo "Pre-commit hooks installed successfully"

setup-dev:  ## Setup complete development environment
	uv run python scripts/setup_dev_env.py

check-tools:  ## Verify required tools are available
	@uv run python scripts/check_tools.py

test:  ## Run tests
	uv run pytest

test-cov:  ## Run tests with coverage
	uv run pytest --cov=openzim_mcp --cov-report=html --cov-report=term-missing --cov-report=xml

test-with-zim-data:  ## Run tests with ZIM test data
	@uv run python scripts/run_with_env.py ZIM_TEST_DATA_DIR=test_data/zim-testing-suite uv run pytest

test-integration:  ## Run integration tests only
	uv run pytest -m "integration"

# Transitional no-op kept so the pull_request_target workflow on main (which
# still calls `make test-requires-zim-data` from the pre-v1.0 layout) does
# not error against a HEAD where the marker has no consumers. Safe to delete
# once the post-merge main no longer triggers pull_request_target.
test-requires-zim-data:  ## (deprecated v1.0) marker has no consumers; no-op shim
	@echo "test-requires-zim-data: requires_zim_data marker has no consumers as of v1.0; nothing to run."

test-live:  ## Run live-server tests (spawn real subprocesses; binds loopback ports)
	uv run pytest -m live tests/live/ --no-cov

test-live-docker:  ## Run docker live tests only (requires docker daemon; ~10min first build)
	uv run pytest -m "live and docker" tests/live/ --no-cov

benchmark:  ## Run performance benchmarks (selects tests marked/named "benchmark")
	@echo "Running performance benchmarks..."
	uv run pytest -k "benchmark" -v --benchmark-only
	@echo "Benchmark completed. Results saved to .benchmarks/"

lint:  ## Run linting
	uv run flake8 openzim_mcp tests
	uv run isort --check-only openzim_mcp tests
	uv run black --check openzim_mcp tests

format:  ## Format code
	uv run black openzim_mcp tests
	uv run isort openzim_mcp tests

type-check:  ## Run type checking
	uv run mypy openzim_mcp

security:  ## Run security scans (fails on bandit/pip-audit findings)
	@echo "Running security scans..."
	@echo "Running bandit security scan..."
	uv run bandit -r openzim_mcp -ll
	@echo "Running pip-audit dependency scan..."
	# --skip-editable so pip-audit doesn't try to look up the project
	# itself on PyPI. ``uv sync`` installs ``openzim-mcp`` in editable
	# mode, and during a release the local version (e.g. 2.0.0a7) is
	# by definition not yet on PyPI — without the skip, pip-audit
	# emits "Dependency not found on PyPI and could not be audited:
	# openzim-mcp (X.Y.ZaN)" and exits 1, blocking the release. Only
	# our project is editable; third-party deps still get audited.
	#
	# --ignore-vuln PYSEC-2025-183 (CVE-2025-45768): disputed pyjwt
	# advisory about "weak encryption" in HS256. pyjwt's maintainer
	# disputes the claim — key length is chosen by the application
	# that uses the library, not by pyjwt itself. No fix version is
	# documented (2.12.1 is the latest as of 2026-05-20), and openzim-
	# mcp pulls pyjwt only transitively via ``mcp``; the MCP server
	# uses pyjwt for OAuth bearer-token validation where key length
	# is controlled by the auth-provider configuration upstream, not
	# by this codebase. Re-evaluate when pyjwt ships a fix release or
	# the advisory database resolves the dispute.
	uv run pip-audit --skip-editable --ignore-vuln PYSEC-2025-183

download-test-data:  ## Download ZIM test data files
	uv run python scripts/download_test_data.py --priority 1

download-test-data-all:  ## Download all ZIM test data files
	uv run python scripts/download_test_data.py --all

list-test-data:  ## List available ZIM test data files
	uv run python scripts/download_test_data.py --list

clean:  ## Clean up generated files
	@uv run python scripts/clean.py

clean-test-data:  ## Clean downloaded test data
	@uv run python scripts/clean_test_data.py

build:  ## Build distribution packages
	@echo "Building distribution packages..."
	uv build
	@echo "Build completed. Check dist/ directory."

publish:  ## Publish to PyPI (requires authentication)
	@echo "Publishing to PyPI..."
	@echo "Note: Ensure you have proper authentication configured"
	uv publish

publish-test:  ## Publish to TestPyPI (requires authentication)
	@echo "Publishing to TestPyPI..."
	@echo "Note: Ensure you have proper authentication configured"
	uv publish --publish-url https://test.pypi.org/legacy/

run:  ## Run the server (requires ZIM_DIR environment variable)
	@uv run python scripts/run_server.py

check: lint type-check security test  ## Run all checks (lint, type-check, security, test)

ci: install-dev check  ## Run CI pipeline
