[P0][phase:b] Detect package root / entry points before analysis (kills ~36% of out-of-box FPs) #114

New issue

Open

opened 2026-06-15 22:56:48 +02:00 by claude · 0 comments

claude commented 2026-06-15 22:56:48 +02:00

Collaborator

Copy link

Source: evidence-derived from the 2026-06-15 real-world precision audit (docs/dogfood/real-world-precision-2026-06-15.md). Per ADR 0008 § Triage trigger, new observations open issues that compete with existing Phase B/C tickets on equal footing.

Problem

When fallow-py is run with no [tool.fallow_py] config (the first-run experience), it walks the entire repo tree — including docs/, docs_src/, .github/, sandbox/, examples/, setup.py, and requirements/ — and reports findings in all of them.

This is the single largest source of out-of-the-box false positives: 57 of 157 sampled FPs (36%).

Evidence (real repos, no config)

• pydantic: findings in .github/actions/people/people.py (a GitHub Action helper — flagged requests as a missing dependency and its functions as unused-symbol)
• fastapi: dozens of unused-module / unused-symbol on docs_src/** tutorial files
• requests / flask: setup.py flagged as an unused module and setuptools as a missing dependency
• django-oscar: sandbox/** demo deployment flagged throughout

Proposed fix

Detect the actual package root before analysis instead of walking the whole tree:

1. Honor [tool.fallow_py] roots/entry when present (already supported) — but also
2. Infer a sensible default package root when config is absent: prefer src/<pkg>/ (src-layout), else the top-level dir(s) containing __init__.py, and exclude well-known non-package trees (docs, examples, .github, scripts, benchmarks, tests for non-test rules, setup.py, requirements/) by default.
3. Make the exclusion list configurable.

Acceptance criteria

• Running fallow-py analyze with no config on requests / flask / pydantic no longer reports findings in docs/, .github/, setup.py, examples/.
• A benchmarks/fp-cases/non-package-tree/ fixture is added and passes.
• The 2026-06-15 audit's non-package-tree FP cluster (57 findings) is re-run and shows a large reduction.

Priority

P0. Highest-leverage single fix — eliminates ~36% of out-of-box FPs. Without it, every library/app user's first run is dominated by noise from trees that are not the shipped package.

---

Opened by claude (Opus 4.8) from the 2026-06-15 precision audit. Audit PR: #113.

**Source:** evidence-derived from the 2026-06-15 real-world precision audit (`docs/dogfood/real-world-precision-2026-06-15.md`). Per ADR 0008 § Triage trigger, new observations open issues that compete with existing Phase B/C tickets on equal footing. ## Problem When `fallow-py` is run with **no `[tool.fallow_py]` config** (the first-run experience), it walks the entire repo tree — including `docs/`, `docs_src/`, `.github/`, `sandbox/`, `examples/`, `setup.py`, and `requirements/` — and reports findings in all of them. This is the **single largest source of out-of-the-box false positives: 57 of 157 sampled FPs (36%)**. ### Evidence (real repos, no config) - `pydantic`: findings in `.github/actions/people/people.py` (a GitHub Action helper — flagged `requests` as a missing dependency and its functions as unused-symbol) - `fastapi`: dozens of `unused-module` / `unused-symbol` on `docs_src/**` tutorial files - `requests` / `flask`: `setup.py` flagged as an unused module and `setuptools` as a missing dependency - `django-oscar`: `sandbox/**` demo deployment flagged throughout ## Proposed fix Detect the actual package root before analysis instead of walking the whole tree: 1. Honor `[tool.fallow_py]` `roots`/`entry` when present (already supported) — but also 2. **Infer a sensible default package root when config is absent**: prefer `src/<pkg>/` (src-layout), else the top-level dir(s) containing `__init__.py`, and exclude well-known non-package trees (`docs`, `examples`, `.github`, `scripts`, `benchmarks`, `tests` for non-test rules, `setup.py`, `requirements/`) by default. 3. Make the exclusion list configurable. ## Acceptance criteria - Running `fallow-py analyze` with no config on `requests` / `flask` / `pydantic` no longer reports findings in `docs/`, `.github/`, `setup.py`, `examples/`. - A `benchmarks/fp-cases/non-package-tree/` fixture is added and passes. - The 2026-06-15 audit's non-package-tree FP cluster (57 findings) is re-run and shows a large reduction. ## Priority **P0.** Highest-leverage single fix — eliminates ~36% of out-of-box FPs. Without it, every library/app user's first run is dominated by noise from trees that are not the shipped package. --- *Opened by `claude` (Opus 4.8) from the 2026-06-15 precision audit. Audit PR: #113.*

claude added the

phase:b

label 2026-06-15 22:56:48 +02:00

claude referenced this issue from a commit 2026-06-17 23:09:21 +02:00

fix: keep no-config discovery inside package trees

codex referenced this issue from a pull request that will close it, 2026-06-17 23:09:43 +02:00

Reduce dogfood false positives from Phase B audit #118

claude referenced this issue 2026-06-17 23:11:16 +02:00

[P0][harness] Precision-regression harness — make #114-117 falsifiable (the scoreboard) #119

claude added the

area:engineering

dogfood:fp

severity:high

labels 2026-06-17 23:11:17 +02:00

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

codex/phase-b-fp-reductions

codex/self-dogfood-shim-suppression

issue-96-diff-scope-filtering-tests

issue-102-report-invariants-tests

issue-97-parse-error-generation

issue-98-deterministic-cycles-tests

issue-99-stable-data-tests

claude/adr-0013-blocking-precision

claude/dogfood-real-world-precision-2026-06-15

issue-83-84-doctor-markdown

claude/docs/cousin-onboarding-pointer

codex/dogfood-evidence-cockpit

codex/first-run-doctor

codex/model-loop-benchmark-harness

codex/rule-explainability

codex/deletion-fingerprint-safety

codex/decision-contract-27

codex/dogfood-evidence-hygiene

codex/root-sandbox-safety-6-7

codex/dogfood-evidence-aggregator-29

codex/public-readiness-post-rename

rename/repo-url-cleanup

rename/cli-config-docs

rename/package-fallow-py

rename/adr-umbrella-branding

codex/perf-profile-benchmark-41

codex/mcp-cache-signature-40

codex/deepseek-triage-backlog-35

v0.3.0a3

Labels

Clear labels   

area:ci

CI workflows, packaging, release

  

area:docs

README, philosophy, dogfood, rules ref

  

area:engineering

Code, AST, graph, MCP runtime

  

area:framework-fp

False-positive heuristics for frameworks

  

area:test-coverage

Dedicated tests for critical modules

  

dogfood:fn

Dogfood evidence: false negative (missed)

  

dogfood:fp

Dogfood evidence: false positive

  

dogfood:friction

Dogfood: UX friction

  

dogfood:tp

Dogfood evidence: true positive (real catch)

  

phase:b

Phase B - engineering hardening

  

phase:c

Phase C - Show HN polish

  

severity:critical

Silent bugs, data loss, security

  

severity:high

Real defects, FP confirmed, crashes

  

severity:low

Hygiene, perf micro-opts

  

severity:medium

Hardening, drift detection, edge cases

  

source:deepseek-v4-pro

Items triaged from the DeepSeek v4 Pro repository audit

No labels

area:ci

area:docs

area:engineering

area:framework-fp

area:test-coverage

dogfood:fn

dogfood:fp

dogfood:friction

dogfood:tp

phase:b

phase:c

severity:critical

severity:high

severity:low

severity:medium

source:deepseek-v4-pro

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

pdurlej/fallow-py#114

No description provided.