| name | code-review |
|---|---|
| description | Use when reviewing PRs for the Management Python SDK — public API, _APIClient, OAuth, tests, security. |
- Reviewing a PR, self-review before submit, or automated review prompts.
Work through the checklist below. Optionally tag findings: Blocker, Major, Minor.
- Exported
Client,Region, stack and resource helpers match README andcontentstack_management.__all__/__init__.py. - Docstrings on
Clientand changed public methods when behavior or parameters change.
- Avoid breaking
Clientconstructor or stack method chains without a semver strategy; document migration for breaking changes.
- Changes to
_APIClientor OAuth paths: verify retries, headers, and interceptor behavior with unit tests; no regressions for authtoken / management_token headers.
- Unit coverage for new logic; API updates when live CMA request/response behavior changes; mock when contract-style tests are appropriate.
-
pytest tests/unit/passes.
- No hardcoded tokens; no logging secrets in new code.
| Level | Examples |
|---|---|
| Blocker | Breaking public API without approval; security issue; no tests for new logic where tests are practical |
| Major | Inconsistent HTTP/auth behavior; README examples that do not match code |
| Minor | Style; minor docs |