PyTorch Language Policy
lang-pytorch
Merged PyTorch policy. It inlines the baseline shared-foundation checks and
adds PyTorch-specific checks, including the language checks that previously
lived in separate extended outputs. Enable for repositories with substantial
PyTorch code. This policy already contains the shared foundation checks; add
other lang-* policies only when the repo has another substantial
implementation language.
Language-Specific Checks
Any app type
- pytorch-rel-001 — Training and evaluation use the correct module mode.
- pytorch-rel-003 — Device placement is explicit and consistent.
- test-pytorch-004 — PyTorch tensors allocated with torch.empty are fully initialized before use.
- pytorch-ops-001 — Checkpoints store portable state rather than whole model objects.
- pytorch-rel-002 — Evaluation and inference disable gradient tracking.
- test-pytorch-001 — Reproducible PyTorch paths seed every RNG they use.
- test-pytorch-003 — Reproducible multi-worker DataLoaders seed worker processes.
- test-pytorch-002 — Deterministic CUDA paths disable cuDNN benchmarking.
Shared Foundation Checks
Security
- sec-006 — Protected operations enforce authentication, authorization, and principal scoping at the boundary.
- sec-003 — SQL remains parameterized and structural query fragments are allowlisted.
- bp-sec-001 — External input is validated at trust boundaries.
- sec-004 — Browser output encodes or sanitizes untrusted content in the correct context.
- sec-001 — Untrusted input does not reach shell or process execution unsafely.
- sec-002 — Untrusted data is not dynamically executed or unsafely deserialized.
- sec-007 — Password storage and account recovery resist offline cracking and account takeover.
- bp-sec-004 — Sensitive data is not emitted to logs or traces.
- sec-008 — Client-facing errors, URLs, and public responses do not leak secrets or internals.
Reliability
- bp-rel-001 — Outbound dependencies have explicit time budgets.
- bp-rel-002 — Retries are bounded, deliberate, and safe for the operation.
- rel-017 — Side effects and downstream jobs run only after durable commit.
- rel-006 — Retried or redelivered work is idempotent or deduplicated.
- rel-002 — Downstream work propagates cancellation/deadlines and stops when callers are done.
- rel-021 — Security-sensitive multi-step operations fail closed on partial failure.
- rel-008 — Overload-triggering work and resource consumption are bounded.
- rel-014 — Read-your-writes paths avoid stale async replicas.
- rel-001 — Transient resources are released on every path.
Architecture Core
- arch-005 — Module-owned mutable state and representations stay encapsulated.
- bp-arch-002 — Dependency direction follows the architecture instead of bypassing it.
- arch-004 — Runtime work starts from explicit entrypoints instead of import/load side effects.
- arch-002 — Foreign models and third-party APIs are translated at the boundary.
- bp-arch-001 — Modules depend through explicit, reviewable seams.
- arch-003 — Environment and configuration are read, modeled, and validated at the boundary.
Testing
- bp-test-001 — Behavior changes are protected by automated tests.
- test-010 — Tests verify outcomes with explicit, simple oracles.
- test-009 — Prefer outcome assertions over interaction-only mock choreography.
- test-001 — Boundary and compatibility changes have executable contract coverage.
- bp-test-002 — Critical paths must have deterministic tests.
- bp-test-003 — Default automated tests do not require live external dependencies.
- test-008 — Tests assert behavior through supported interfaces, not internals.
- test-003 — Tests isolate mutable state and clean up created resources.
Application Programming Interface
- api-004 — Retried mutating operations are idempotent end-to-end.
- api-001 — External API input is parsed, translated, and rejected at the boundary before side effects.
- api-009 — Published API contracts remain backward compatible within a version.
- bp-api-002 — Collection reads are bounded.
- api-007 — Mutable resources expose validators and honor preconditions.
- api-008 — Machine-readable API contracts stay published and in sync with implementation.
- api-016 — Potentially large JSON identifiers are serialized as strings.
- bp-api-001 — External APIs return machine-readable error contracts.
Data
- data-011 — Durable-state mutations are atomic, rollback-safe, and concurrency-correct.
- data-027 — Compute derived values from source fields instead of hand-maintaining them.
- data-010 — Durable or cross-process data uses versionable formats and mixed-version-safe evolution.
- data-009 — Evolve deployed schemas with forward-only, additive-first compatibility changes.
- data-001 — Keep training and evaluation data leakage-free.
- data-002 — Validate and gate upstream data before downstream training or pipeline work.
Operations
- ops-022 — Configuration is semantically validated before it is applied.
- bp-ops-001 — Services expose meaningful health signals.
- ops-024 — Automation that changes production state fails safe and verifies recovery before restoring traffic.
- ops-028 — Production defaults disable debug, demo, and unnecessary admin surfaces.
- ops-003 — Deployments are smoke-tested before success.
- ops-018 — Cross-boundary work preserves correlation and dependency attribution.
- bp-ops-005 — Deployment config is environment-agnostic.
- ops-017 — Per-unit production telemetry is structured and complete.
Performance
- perf-004 — Async hot paths do not block runtime threads.
- perf-001 — Avoid N+1 data access in hot paths.
- perf-002 — Avoid accidental quadratic work on input-scaled paths.
- perf-003 — Fetch and serialize only the data a latency-sensitive path needs.
- perf-010 — Expose latency distributions, not averages alone.
- perf-006 — Version internal derived caches so upgrades rebuild them.