From c0b38f01798f9b3a3e09186660e70c08b1bb312d Mon Sep 17 00:00:00 2001 From: Iva Sokolaj <102302011+sokoliva@users.noreply.github.com> Date: Tue, 17 Mar 2026 17:32:26 +0100 Subject: [PATCH 1/4] refactor(docs): Refactor GEMINI.md file (#855) # Changes - add AGENTS.md file - add docs/ai/coding_conventions.md file - add docs/mandatory_checks.md file - refactor GEMINI.md - [x] Follow the [`CONTRIBUTING` Guide](https://github.com/a2aproject/a2a-python/blob/main/CONTRIBUTING.md). - [x] Make your Pull Request title in the specification. - Important Prefixes for [release-please](https://github.com/googleapis/release-please): - `fix:` which represents bug fixes, and correlates to a [SemVer](https://semver.org/) patch. - `feat:` represents a new feature, and correlates to a SemVer minor. - `feat!:`, or `fix!:`, `refactor!:`, etc., which represent a breaking change (indicated by the `!`) and will result in a SemVer major. - [x] Ensure the tests and linter pass (Run `bash scripts/format.sh` from the repository root to format) - [x] Appropriate docs were updated (if necessary) --- AGENTS.md | 3 +++ GEMINI.md | 41 ++++++++++++++++++++--------------- docs/ai/coding_conventions.md | 21 ++++++++++++++++++ docs/ai/mandatory_checks.md | 26 ++++++++++++++++++++++ 4 files changed, 73 insertions(+), 18 deletions(-) create mode 100644 AGENTS.md create mode 100644 docs/ai/coding_conventions.md create mode 100644 docs/ai/mandatory_checks.md diff --git a/AGENTS.md b/AGENTS.md new file mode 100644 index 000000000..05b234a01 --- /dev/null +++ b/AGENTS.md @@ -0,0 +1,3 @@ +Always check @./GEMINI.md for the full instruction list. + +This file exists for compatibility with tools that look for AGENTS.md. diff --git a/GEMINI.md b/GEMINI.md index e5b7cc586..aaab0bf66 100644 --- a/GEMINI.md +++ b/GEMINI.md @@ -1,20 +1,25 @@ -**A2A specification:** https://a2a-protocol.org/latest/specification/ +# Agent Command Center -## Project frameworks -- uv as package manager +## 1. Project Overview & Purpose +**Primary Goal**: This is the Python SDK for the Agent2Agent (A2A) Protocol. It allows developers to build and run agentic applications as A2A-compliant servers. It handles complex messaging, task management, and communication across different transports (REST, gRPC, JSON-RPC). +**Specification**: [A2A-Protocol](https://a2a-protocol.org/latest/specification/) -## Code style and mandatory checks -1. Whenever writing python code, write types as well. -2. After making the changes run ruff to check and fix the formatting issues - ``` - uv run ruff check --fix - uv run ruff format - ``` -3. Run mypy type checkers to check for type errors - ``` - uv run mypy src - ``` -4. Run the unit tests to make sure that none of the unit tests are broken. - ``` - uv run pytest - ``` +## 2. Technology Stack & Architecture + +- **Language**: Python 3.10+ +- **Package Manager**: `uv` +- **Lead Transports**: FastAPI (REST/JSON-RPC), gRPC +- **Data Layer**: SQLAlchemy (SQL), Pydantic (Logic/Legacy), Protobuf (Modern Messaging) +- **Key Directories**: + - `/src`: Core implementation logic. + - `/tests`: Comprehensive test suite. + - `/docs`: AI guides. + +## 3. Style Guidelines & Mandatory Checks +- **Style Guidelines**: Follow the rules in @./docs/ai/coding_conventions.md for every response involving code. +- **Mandatory Checks**: Run the commands in @./docs/ai/mandatory_checks.md after making any changes to the code and before committing. + +## 4. Mandatory AI Workflow for Coding Tasks +1. **Required Reading**: You MUST read the contents of @./docs/ai/coding_conventions.md and @./docs/ai/mandatory_checks.md at the very beginning of EVERY coding task. +2. **Initial Checklist**: Every `task.md` you create MUST include a section for **Mandatory Checks** from @./docs/ai/mandatory_checks.md. +3. **Verification Requirement**: You MUST run all mandatory checks before declaring any task finished. diff --git a/docs/ai/coding_conventions.md b/docs/ai/coding_conventions.md new file mode 100644 index 000000000..2d1f9490c --- /dev/null +++ b/docs/ai/coding_conventions.md @@ -0,0 +1,21 @@ +### Coding Conventions & Style Guide + +Non-negotiable rules for code quality and style. + +1. **Python Types**: All Python code MUST include type hints. All function definitions MUST include return types. +2. **Type Safety**: All code MUST pass `mypy` and `pyright` checks. +3. **Formatting & Linting**: All code MUST be formatted with `ruff`. + +#### Examples: + +**Correct Typing:** +```python +async def get_task_status(task: Task) -> TaskStatus: + return task.status +``` + +**Incorrect (Do NOT do this):** +```python +async def get_task_status(task): # Missing type hints for argument and return value + return task.status +``` diff --git a/docs/ai/mandatory_checks.md b/docs/ai/mandatory_checks.md new file mode 100644 index 000000000..a64d6b54a --- /dev/null +++ b/docs/ai/mandatory_checks.md @@ -0,0 +1,26 @@ +### Test and Fix Commands + +Exact shell commands required to test the project and fix formatting issues. + +1. **Formatting & Linting**: + ```bash + uv run ruff check --fix + uv run ruff format + ``` + +2. **Type Checking**: + ```bash + uv run mypy src + uv run pyright src + ``` + +3. **Testing**: + ```bash + uv run pytest + ``` + +4. **Coverage**: +Only run this command after adding new source code and before committing. + ```bash + uv run pytest --cov=src --cov-report=term-missing + ``` From 935f9195d0b90165e0855d750033d8c1e9feaa72 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 18 Mar 2026 11:13:44 +0100 Subject: [PATCH 2/4] chore(deps): bump pyasn1 from 0.6.1 to 0.6.3 (#857) Bumps [pyasn1](https://github.com/pyasn1/pyasn1) from 0.6.1 to 0.6.3.
Release notes

Sourced from pyasn1's releases.

Release 0.6.3

It's a minor release.

  • Added nesting depth limit to ASN.1 decoder to prevent stack overflow from deeply nested structures (CVE-2026-30922).
  • Fixed OverflowError from oversized BER length field.
  • Fixed DeprecationWarning stacklevel for deprecated attributes.
  • Fixed asDateTime incorrect fractional seconds parsing.

All changes are noted in the CHANGELOG.

Release 0.6.2

It's a minor release.

  • Fixed continuation octet limits in OID/RELATIVE-OID decoder (CVE-2026-23490).
  • Added support for Python 3.14.
  • Added SECURITY.md policy.
  • Migrated to pyproject.toml packaging.

All changes are noted in the CHANGELOG.

Changelog

Sourced from pyasn1's changelog.

Revision 0.6.3, released 16-03-2026

Revision 0.6.2, released 16-01-2026

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyasn1&package-manager=uv&previous-version=0.6.1&new-version=0.6.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/a2aproject/a2a-python/network/alerts).
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- uv.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/uv.lock b/uv.lock index c5eedeac6..627e27471 100644 --- a/uv.lock +++ b/uv.lock @@ -1,5 +1,5 @@ version = 1 -revision = 2 +revision = 3 requires-python = ">=3.10" resolution-markers = [ "python_full_version >= '3.14'", @@ -1696,11 +1696,11 @@ wheels = [ [[package]] name = "pyasn1" -version = "0.6.1" +version = "0.6.3" source = { registry = "https://pypi.org/simple" } -sdist = { url = "https://files.pythonhosted.org/packages/ba/e9/01f1a64245b89f039897cb0130016d79f77d52669aae6ee7b159a6c4c018/pyasn1-0.6.1.tar.gz", hash = "sha256:6f580d2bdd84365380830acf45550f2511469f673cb4a5ae3857a3170128b034", size = 145322, upload-time = "2024-09-10T22:41:42.55Z" } +sdist = { url = "https://files.pythonhosted.org/packages/5c/5f/6583902b6f79b399c9c40674ac384fd9cd77805f9e6205075f828ef11fb2/pyasn1-0.6.3.tar.gz", hash = "sha256:697a8ecd6d98891189184ca1fa05d1bb00e2f84b5977c481452050549c8a72cf", size = 148685, upload-time = "2026-03-17T01:06:53.382Z" } wheels = [ - { url = "https://files.pythonhosted.org/packages/c8/f1/d6a797abb14f6283c0ddff96bbdd46937f64122b8c925cab503dd37f8214/pyasn1-0.6.1-py3-none-any.whl", hash = "sha256:0d632f46f2ba09143da3a8afe9e33fb6f92fa2320ab7e886e2d0f7672af84629", size = 83135, upload-time = "2024-09-11T16:00:36.122Z" }, + { url = "https://files.pythonhosted.org/packages/5d/a0/7d793dce3fa811fe047d6ae2431c672364b462850c6235ae306c0efd025f/pyasn1-0.6.3-py3-none-any.whl", hash = "sha256:a80184d120f0864a52a073acc6fc642847d0be408e7c7252f31390c0f4eadcde", size = 83997, upload-time = "2026-03-17T01:06:52.036Z" }, ] [[package]] From 4e6cc3e3887ca32fc573f20e34c23bac77c7aaed Mon Sep 17 00:00:00 2001 From: Ivan Shymko Date: Wed, 18 Mar 2026 14:21:47 +0100 Subject: [PATCH 3/4] chore(docs): mention 1.0 release in the readme (#862) image Re #701. --- README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 050894356..b7a60fe3b 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,10 @@ ## 🧩 Compatibility -This SDK implements the A2A Protocol Specification [`v0.3.0`](https://a2a-protocol.org/v0.3.0/specification). +This SDK implements the A2A Protocol Specification [`0.3`](https://a2a-protocol.org/v0.3.0/specification). + +> [!IMPORTANT] +> There is an [**alpha version**](https://github.com/a2aproject/a2a-python/releases?q=%22v1.0.0-alpha%22&expanded=true) available with support for both [`1.0`](https://a2a-protocol.org/v1.0.0/specification/) and [`0.3`](https://a2a-protocol.org/v0.3.0/specification) versions. Development for this version is taking place in the [`1.0-dev`](https://github.com/a2aproject/a2a-python/tree/1.0-dev) branch, tracked in [#701](https://github.com/a2aproject/a2a-python/issues/701). | Transport | Client | Server | | :--- | :---: | :---: | From 4ebbb2eb8078593ccbd4697416a0ba833ae00e3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=A1bor=20Feh=C3=A9r?= Date: Wed, 18 Mar 2026 15:39:29 +0100 Subject: [PATCH 4/4] chore(docs): Add README entry fo the vertex task store (#863) For #751 --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index b7a60fe3b..8ac1cfef4 100644 --- a/README.md +++ b/README.md @@ -68,6 +68,7 @@ Install the core SDK and any desired extras using your preferred package manager | **gRPC Support** | `uv add "a2a-sdk[grpc]"` | `pip install "a2a-sdk[grpc]"` | | **OpenTelemetry Tracing**| `uv add "a2a-sdk[telemetry]"` | `pip install "a2a-sdk[telemetry]"` | | **Encryption** | `uv add "a2a-sdk[encryption]"` | `pip install "a2a-sdk[encryption]"` | +| **Vertex AI Task Store** | `uv add "a2a-sdk[vertex]"` | `pip install "a2a-sdk[vertex]"` | | | | | | **Database Drivers** | | | | **PostgreSQL** | `uv add "a2a-sdk[postgresql]"` | `pip install "a2a-sdk[postgresql]"` |