Skip to content

fix(workflow): prevent false positives in cli import check #4048

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
KrshnKush wants to merge 2 commits into
base: main
Choose a base branch
from
Open

fix(workflow): prevent false positives in cli import check #4048

KrshnKush wants to merge 2 commits into from
+2 −2

Conversation

@KrshnKush
Copy link

@KrshnKush KrshnKush commented Dec 30, 2025
edited
Loading

Please ensure you have read the contribution guide before creating a pull request.

Link to Issue or Description of Change

1. Link to an existing issue (if applicable):

  • Closes: N/A
  • Related: N/A

2. Or, if no issue exists, describe the change:

Problem:
The CI check for forbidden cli package imports uses an overly broad regex pattern ^from.*cli.*import.*$ that incorrectly matches any import containing the substring "cli". This causes false positives for legitimate imports like:

  • from a2a.client import Client
  • from a2a.client.card_resolver import A2ACardResolver
  • from mycli import something

These are valid imports from packages named client, mycli, etc., not the forbidden cli package.
PR where issue was found: #4023

Solution:
Updated the regex pattern to ^from\s+([^ ]*\.)?cli(\s|\.) which correctly matches only imports from a package literally named cli:

  • ^from\s+ - matches "from" followed by whitespace
  • ([^ ]*\.)? - optionally matches a module path prefix (e.g., google.adk.)
  • cli - the literal "cli" package name
  • (\s|\.) - must be followed by whitespace (for import) or a dot (for submodules)

Testing Plan

Unit Tests:

  • I have added or updated unit tests for my change.
  • All unit tests pass locally.

Manual Verification:

Tested the regex patterns against various import statements:

$ cat /tmp/test_imports.txt
from a2a.client import Client as A2AClient
from a2a.client.card_resolver import A2ACardResolver
from a2a.client.client import ClientConfig as A2AClientConfig
from client import something
from cli import something
from google.adk.cli import bar
from google.adk.cli.utils import baz
from mycli import foo
from precli.something import bar

$ echo "=== NEW pattern ===" && grep -E '^from\s+([^ ]*\.)?cli(\s|\.)' /tmp/test_imports.txt
=== NEW pattern ===
from cli import something
from google.adk.cli import bar
from google.adk.cli.utils import baz

$ echo "=== OLD pattern (buggy) ===" && grep -E '^from.*cli.*import.*$' /tmp/test_imports.txt
=== OLD pattern (buggy) ===
from a2a.client import Client as A2AClient
from a2a.client.card_resolver import A2ACardResolver
from a2a.client.client import ClientConfig as A2AClientConfig
from client import something
from cli import something
from google.adk.cli import bar
from google.adk.cli.utils import baz
from mycli import foo
from precli.something import bar
Import Old Pattern New Pattern
from a2a.client import Client Matched (false positive) No match (correct)
from client import something Matched (false positive) No match (correct)
from mycli import foo Matched (false positive) No match (correct)
from precli.something import bar Matched (false positive) No match (correct)
from cli import something Matched (correct) Matched (correct)
from google.adk.cli import bar Matched (correct) Matched (correct)
from google.adk.cli.utils import baz Matched (correct) Matched (correct)

Checklist

  • I have read the CONTRIBUTING.md document.
  • I have performed a self-review of my own code.
  • I have commented my code, particularly in hard-to-understand areas.
  • I have added tests that prove my fix is effective or that my feature works.
  • New and existing unit tests pass locally with my changes.
  • I have manually tested my changes end-to-end.
  • Any dependent changes have been merged and published in downstream modules.

Additional context

Files changed:

  • .github/workflows/check-file-contents.yml - Fixed regex pattern for cli import detection

@gemini-code-assist
Copy link
Contributor

gemini-code-assist bot commented Dec 30, 2025

Note

Gemini is unable to generate a summary for this pull request due to the file types involved not being currently supported.

@adk-bot adk-bot added the tools [Component] This issue is related to tools label Dec 30, 2025
@KrshnKush KrshnKush mentioned this pull request Dec 30, 2025
Open
9 tasks
@ryanaiagent ryanaiagent self-assigned this Jan 1, 2026
@ryanaiagent
Copy link
Collaborator

ryanaiagent commented Jan 1, 2026

Hi @KrshnKush , Thank you for your contribution! We appreciate you taking the time to submit this pull request. Your PR has been received by the team and is currently under review. We will provide feedback as soon as we have an update to share.

@ryanaiagent
Copy link
Collaborator

ryanaiagent commented Jan 1, 2026

Hi @DeanChensj , can you please review this. LGTM , resolves a lot of false positives.

@ryanaiagent ryanaiagent added the needs-review [Status] The PR is awaiting review from the maintainer label Jan 1, 2026
@wuliang229 wuliang229 self-requested a review January 15, 2026 19:50
@wuliang229 wuliang229 removed the tools [Component] This issue is related to tools label Jan 15, 2026
wuliang229
wuliang229 reviewed Jan 15, 2026
View reviewed changes
.github/workflows/check-file-contents.yml
set +e
FILES_WITH_FORBIDDEN_IMPORT=$(grep -lE '^from.*cli.*import.*$' $CHANGED_FILES)
FILES_WITH_FORBIDDEN_IMPORT=$(grep -lE '^from\s+([^ ]*\.)?cli(\s|\.)' $CHANGED_FILES)
GREP_EXIT_CODE=$?
Copy link
Collaborator

@wuliang229 wuliang229 Jan 15, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few things:

  1. Instead of "\s+", just match the space character " "
  2. don't match any pattern before "cli", just match optional "google.adk." or "adk.", i.e. (google.adk.)|(adk.)
  3. add back the matching of "import"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wuliang229 wuliang229 wuliang229 left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@ryanaiagent ryanaiagent

Labels

needs-review [Status] The PR is awaiting review from the maintainer

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@KrshnKush @ryanaiagent @wuliang229 @adk-bot