refactor: modernize code quality tooling with Ruff

- Replace black, isort, and flake8 with Ruff (all-in-one linter and formatter)
- Add comprehensive pyproject.toml configuration
- Simplify Makefile code quality targets
- Configure exclusions for venv/.venv in pyproject.toml
- Auto-fix 1,359 linting issues across codebase

Benefits:
- Much faster builds (Ruff is written in Rust)
- Single tool replaces multiple tools
- More comprehensive rule set (UP, B, C4, SIM, PIE, RET, Q)
- All configuration centralized in pyproject.toml
- Better import sorting and formatting consistency

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

tests/integration/api/v1/test_auth_endpoints.py

@@ -1,5 +1,5 @@
 # tests/integration/api/v1/test_auth_endpoints.py
-from datetime import datetime, timedelta, timezone
+from datetime import UTC, datetime, timedelta
 
 import pytest
 from jose import jwt
@@ -196,8 +196,8 @@ class TestAuthenticationAPI:
             "username": test_user.username,
             "email": test_user.email,
             "role": test_user.role,
-            "exp": datetime.now(timezone.utc) - timedelta(hours=1),
-            "iat": datetime.now(timezone.utc) - timedelta(hours=2),
+            "exp": datetime.now(UTC) - timedelta(hours=1),
+            "iat": datetime.now(UTC) - timedelta(hours=2),
         }
 
         expired_token = jwt.encode(

tests/integration/api/v1/test_filtering.py

@@ -9,7 +9,6 @@ from models.database.marketplace_product import MarketplaceProduct
 @pytest.mark.products
 @pytest.mark.marketplace
 class TestFiltering:
-
     def test_product_brand_filter_success(self, client, auth_headers, db):
         """Test filtering products by brand successfully"""
         # Create products with different brands using unique IDs
@@ -131,7 +130,7 @@ class TestFiltering:
 
         # Search for "Apple"
         response = client.get(
-            f"/api/v1/marketplace/product?search=Apple", headers=auth_headers
+            "/api/v1/marketplace/product?search=Apple", headers=auth_headers
         )
         assert response.status_code == 200
         data = response.json()
@@ -139,7 +138,7 @@ class TestFiltering:
 
         # Search for "phone"
         response = client.get(
-            f"/api/v1/marketplace/product?search=phone", headers=auth_headers
+            "/api/v1/marketplace/product?search=phone", headers=auth_headers
         )
         assert response.status_code == 200
         data = response.json()

tests/integration/api/v1/test_inventory_endpoints.py

@@ -8,7 +8,6 @@ from models.database.inventory import Inventory
 @pytest.mark.api
 @pytest.mark.inventory
 class TestInventoryAPI:
-
     def test_set_inventory_new_success(self, client, auth_headers):
         """Test setting inventory for new GTIN successfully"""
         inventory_data = {
@@ -445,7 +444,7 @@ class TestInventoryAPI:
         """Test invalid inventory operations return InvalidInventoryOperationException"""
         # This would test business logic validation
         # The exact scenario depends on your business rules
-        pass  # Implementation depends on specific business rules
+        # Implementation depends on specific business rules
 
     def test_get_inventory_without_auth_returns_invalid_token(self, client):
         """Test that inventory endpoints require authentication returns InvalidTokenException"""

tests/integration/api/v1/test_marketplace_import_job_endpoints.py

@@ -1,5 +1,4 @@
 # tests/integration/api/v1/test_marketplace_import_job_endpoints.py
-from unittest.mock import AsyncMock, patch
 
 import pytest
 

tests/integration/api/v1/test_marketplace_product_export.py

@@ -12,7 +12,6 @@ from models.database.marketplace_product import MarketplaceProduct
 @pytest.mark.api
 @pytest.mark.performance  # for the performance test
 class TestExportFunctionality:
-
     def test_csv_export_basic_success(
         self, client, auth_headers, test_marketplace_product
     ):
@@ -198,9 +197,9 @@ class TestExportFunctionality:
 
         assert response.status_code == 200
         assert response.headers["content-type"] == "text/csv; charset=utf-8"
-        assert (
-            execution_time < 10.0
-        ), f"Export took {execution_time:.2f} seconds, should be under 10s"
+        assert execution_time < 10.0, (
+            f"Export took {execution_time:.2f} seconds, should be under 10s"
+        )
 
         # Verify content contains our test data
         csv_content = response.content.decode("utf-8")

tests/integration/api/v1/test_marketplace_products_endpoints.py

@@ -6,7 +6,6 @@ import pytest
 @pytest.mark.api
 @pytest.mark.products
 class TestMarketplaceProductsAPI:
-
     def test_get_products_empty(self, client, auth_headers):
         """Test getting products when none exist"""
         response = client.get("/api/v1/marketplace/product", headers=auth_headers)

tests/integration/api/v1/test_pagination.py

@@ -10,7 +10,6 @@ from models.database.vendor import Vendor
 @pytest.mark.database
 @pytest.mark.products
 class TestPagination:
-
     def test_product_pagination_success(self, client, auth_headers, db):
         """Test pagination for product listing successfully"""
         import uuid
@@ -224,7 +223,6 @@ class TestPagination:
         unique_suffix = str(uuid.uuid4())[:8]
 
         # Create multiple vendors for pagination testing
-        from models.database.vendor import Vendor
 
         vendors = []
         for i in range(15):

tests/integration/api/v1/test_vendor_endpoints.py

@@ -6,7 +6,6 @@ import pytest
 @pytest.mark.api
 @pytest.mark.vendors
 class TestVendorsAPI:
-
     def test_create_vendor_success(self, client, auth_headers):
         """Test creating a new vendor successfully"""
         vendor_data = {
@@ -91,7 +90,7 @@ class TestVendorsAPI:
 
         # Assuming max vendors is enforced at service level
         # This test validates the expected response structure
-        pass  # Implementation depends on your max_vendors business logic
+        # Implementation depends on your max_vendors business logic
 
     def test_get_vendors_success(self, client, auth_headers, test_vendor):
         """Test getting vendors list successfully"""

tests/integration/api/v1/vendor/test_authentication.py

@@ -10,7 +10,7 @@ These tests verify that:
 5. Vendor context middleware works correctly with API authentication
 """
 
-from datetime import datetime, timedelta, timezone
+from datetime import UTC, datetime, timedelta
 
 import pytest
 from jose import jwt
@@ -88,8 +88,8 @@ class TestVendorAPIAuthentication:
             "username": test_vendor_user.username,
             "email": test_vendor_user.email,
             "role": test_vendor_user.role,
-            "exp": datetime.now(timezone.utc) - timedelta(hours=1),
-            "iat": datetime.now(timezone.utc) - timedelta(hours=2),
+            "exp": datetime.now(UTC) - timedelta(hours=1),
+            "iat": datetime.now(UTC) - timedelta(hours=2),
         }
 
         expired_token = jwt.encode(
@@ -184,9 +184,9 @@ class TestVendorAPIAuthentication:
             response = client.get(endpoint)
 
             # All should fail with 401 (header required)
-            assert (
-                response.status_code == 401
-            ), f"Endpoint {endpoint} should reject cookie-only auth"
+            assert response.status_code == 401, (
+                f"Endpoint {endpoint} should reject cookie-only auth"
+            )
 
     # ========================================================================
     # Role-Based Access Control Tests
@@ -205,15 +205,15 @@ class TestVendorAPIAuthentication:
         for endpoint in endpoints:
             # Test with regular user token
             response = client.get(endpoint, headers=auth_headers)
-            assert (
-                response.status_code == 403
-            ), f"Endpoint {endpoint} should reject regular users"
+            assert response.status_code == 403, (
+                f"Endpoint {endpoint} should reject regular users"
+            )
 
             # Test with admin token
             response = client.get(endpoint, headers=admin_headers)
-            assert (
-                response.status_code == 403
-            ), f"Endpoint {endpoint} should reject admin users"
+            assert response.status_code == 403, (
+                f"Endpoint {endpoint} should reject admin users"
+            )
 
     def test_vendor_api_accepts_only_vendor_role(
         self, client, vendor_user_headers, test_vendor_user
@@ -228,7 +228,9 @@ class TestVendorAPIAuthentication:
             assert response.status_code in [
                 200,
                 404,
-            ], f"Endpoint {endpoint} should accept vendor users (got {response.status_code})"
+            ], (
+                f"Endpoint {endpoint} should accept vendor users (got {response.status_code})"
+            )
 
     # ========================================================================
     # Token Validation Tests
@@ -246,9 +248,9 @@ class TestVendorAPIAuthentication:
 
         for headers in malformed_headers:
             response = client.get("/api/v1/vendor/auth/me", headers=headers)
-            assert (
-                response.status_code == 401
-            ), f"Should reject malformed header: {headers}"
+            assert response.status_code == 401, (
+                f"Should reject malformed header: {headers}"
+            )
 
     def test_token_with_missing_claims(self, client, auth_manager):
         """Test token missing required claims"""
@@ -256,7 +258,7 @@ class TestVendorAPIAuthentication:
         invalid_payload = {
             "sub": "123",
             "username": "test",
-            "exp": datetime.now(timezone.utc) + timedelta(hours=1),
+            "exp": datetime.now(UTC) + timedelta(hours=1),
         }
 
         invalid_token = jwt.encode(
@@ -348,9 +350,9 @@ class TestVendorAPIConsistency:
                 response = client.post(endpoint, json={})
 
             # All should reject cookie-only auth with 401
-            assert (
-                response.status_code == 401
-            ), f"Endpoint {endpoint} should require Authorization header (got {response.status_code})"
+            assert response.status_code == 401, (
+                f"Endpoint {endpoint} should require Authorization header (got {response.status_code})"
+            )
 
     def test_vendor_endpoints_accept_vendor_token(
         self, client, vendor_user_headers, test_vendor_with_vendor_user
@@ -371,4 +373,6 @@ class TestVendorAPIConsistency:
             assert response.status_code not in [
                 401,
                 403,
-            ], f"Endpoint {endpoint} should accept vendor token (got {response.status_code}: {response.text})"
+            ], (
+                f"Endpoint {endpoint} should accept vendor token (got {response.status_code}: {response.text})"
+            )

tests/integration/conftest.py

@@ -1,5 +1,5 @@
 # tests/integration/conftest.py
 """Integration test specific fixtures."""
-import pytest
+
 
 # Add any integration-specific fixtures here if needed

tests/integration/middleware/conftest.py

@@ -2,6 +2,7 @@
 """
 Fixtures specific to middleware integration tests.
 """
+
 import pytest
 
 from models.database.vendor import Vendor

tests/integration/middleware/test_context_detection_flow.py

@@ -5,6 +5,7 @@ Integration tests for request context detection end-to-end flow.
 These tests verify that context type (API, ADMIN, VENDOR_DASHBOARD, SHOP, FALLBACK)
 is correctly detected through real HTTP requests.
 """
+
 from unittest.mock import patch
 
 import pytest

tests/integration/middleware/test_middleware_stack.py

@@ -5,12 +5,11 @@ Integration tests for the complete middleware stack.
 These tests verify that all middleware components work together correctly
 through real HTTP requests, ensuring proper execution order and state injection.
 """
+
 from unittest.mock import patch
 
 import pytest
 
-from middleware.context import RequestContext
-
 
 @pytest.mark.integration
 @pytest.mark.middleware

tests/integration/middleware/test_theme_loading_flow.py

@@ -5,6 +5,7 @@ Integration tests for theme loading end-to-end flow.
 These tests verify that vendor themes are correctly loaded and injected
 into request.state through real HTTP requests.
 """
+
 from unittest.mock import patch
 
 import pytest

tests/integration/middleware/test_vendor_context_flow.py

@@ -5,6 +5,7 @@ Integration tests for vendor context detection end-to-end flow.
 These tests verify that vendor detection works correctly through real HTTP requests
 for all routing modes: subdomain, custom domain, and path-based.
 """
+
 from unittest.mock import patch
 
 import pytest

tests/integration/tasks/test_background_tasks.py

@@ -1,5 +1,4 @@
 # tests/test_background_tasks.py
-from datetime import datetime
 from unittest.mock import AsyncMock, patch
 
 import pytest
@@ -32,8 +31,9 @@ class TestBackgroundTasks:
         job_id = job.id
 
         # Mock CSV processor and prevent session from closing
-        with patch("app.tasks.background_tasks.CSVProcessor") as mock_processor, patch(
-            "app.tasks.background_tasks.SessionLocal", return_value=db
+        with (
+            patch("app.tasks.background_tasks.CSVProcessor") as mock_processor,
+            patch("app.tasks.background_tasks.SessionLocal", return_value=db),
         ):
             mock_instance = mock_processor.return_value
             mock_instance.process_marketplace_csv_from_url = AsyncMock(
@@ -86,10 +86,10 @@ class TestBackgroundTasks:
         job_id = job.id
 
         # Mock CSV processor to raise exception
-        with patch("app.tasks.background_tasks.CSVProcessor") as mock_processor, patch(
-            "app.tasks.background_tasks.SessionLocal", return_value=db
+        with (
+            patch("app.tasks.background_tasks.CSVProcessor") as mock_processor,
+            patch("app.tasks.background_tasks.SessionLocal", return_value=db),
         ):
-
             mock_instance = mock_processor.return_value
             mock_instance.process_marketplace_csv_from_url = AsyncMock(
                 side_effect=Exception("Import failed")
@@ -124,8 +124,9 @@ class TestBackgroundTasks:
     @pytest.mark.asyncio
     async def test_marketplace_import_job_not_found(self, db):
         """Test handling when import job doesn't exist"""
-        with patch("app.tasks.background_tasks.CSVProcessor") as mock_processor, patch(
-            "app.tasks.background_tasks.SessionLocal", return_value=db
+        with (
+            patch("app.tasks.background_tasks.CSVProcessor") as mock_processor,
+            patch("app.tasks.background_tasks.SessionLocal", return_value=db),
         ):
             mock_instance = mock_processor.return_value
             mock_instance.process_marketplace_csv_from_url = AsyncMock(
@@ -170,8 +171,9 @@ class TestBackgroundTasks:
         job_id = job.id
 
         # Mock CSV processor with some errors
-        with patch("app.tasks.background_tasks.CSVProcessor") as mock_processor, patch(
-            "app.tasks.background_tasks.SessionLocal", return_value=db
+        with (
+            patch("app.tasks.background_tasks.CSVProcessor") as mock_processor,
+            patch("app.tasks.background_tasks.SessionLocal", return_value=db),
         ):
             mock_instance = mock_processor.return_value
             mock_instance.process_marketplace_csv_from_url = AsyncMock(

tests/integration/workflows/test_integration.py

@@ -96,7 +96,7 @@ class TestIntegrationFlows:
 
         # 4. Get vendor details
         response = client.get(
-            f"/api/v1/vendor/{vendor ['vendor_code']}", headers=auth_headers
+            f"/api/v1/vendor/{vendor['vendor_code']}", headers=auth_headers
         )
         assert response.status_code == 200