Skip to content

Add opt-in Xquik backend to Twitter adapter#1

Open
kriptoburak wants to merge 1 commit into
Matthew-Selvam:mainfrom
kriptoburak:codex/add-xquik-twitter-backend
Open

Add opt-in Xquik backend to Twitter adapter#1
kriptoburak wants to merge 1 commit into
Matthew-Selvam:mainfrom
kriptoburak:codex/add-xquik-twitter-backend

Conversation

@kriptoburak

Copy link
Copy Markdown

Summary

  • add an opt-in Xquik backend to the existing Twitter/X adapter
  • keep Tweepy as the default unless TWITTER_BACKEND=xquik is set
  • cover missing credentials, media URLs, reply chaining, and pending write boundaries

Validation

  • python3 -m pytest tests/test_adapters.py -q
  • Python 3.11 temp venv with requirements.txt: python -m pytest -q
  • git diff --check
  • conflict-marker scan
  • staged public-safety scan
  • duplicate checks: no existing Xquik references, PRs, or issues in upstream

@Matthew-Selvam

Copy link
Copy Markdown
Owner

Thanks for this — and for the tests + writeup, especially for a first contribution! 🙏

I pulled the branch and went through it:

  • ✅ Genuinely opt-in — nothing runs unless TWITTER_BACKEND=xquik; default stays Tweepy.
  • ✅ It never touches the existing Twitter OAuth creds; it only uses a separate XQUIK_API_KEY and sends post text/media URLs.
  • httpx is already a dependency used across the other adapters, so the import is consistent.
  • ✅ All 34 adapter tests pass locally, including the 4 new ones (the reply-chaining + 202 pending-write boundary is a nice touch).

Two things before I merge:

  1. Write endpoint — Xquik's docs show reads at /api/v1/x/tweets/search, but I couldn't find the exact write path. Can you confirm POST /api/v1/x/tweets is the documented write endpoint and link it? Just want to be sure we're hitting the right one.
  2. Docs note — since Xquik is a third-party automation platform acting on a connected X account, it carries its own ToS / account-risk separate from the official API. Could you add a short note in the README (and SECURITY.md) that this backend routes through xquik.com and is opt-in at the operator's own risk?

Thanks again for the clean, well-tested patch!

@Matthew-Selvam Matthew-Selvam left a comment

Copy link
Copy Markdown
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review — Add opt-in Xquik backend to Twitter adapter

Tests: ran python3 -m pytest tests/test_adapters.py -q locally — all 30 pass clean.

Code quality: the implementation is solid. Fully opt-in behind TWITTER_BACKEND=xquik, falls back to Tweepy by default, never touches the existing Twitter consumer/access secrets, and the 4 new tests are properly mocked. Diff is contained to adapters/twitter.py and tests/test_adapters.py.

One question before merging — third-party trust model:

Xquik (xquik.com) is a real, publicly documented X automation platform with a GitHub org, MCP listings, and a stated security policy. That said, it's an early-stage third-party broker: the operator identity isn't publicly registered, and the model requires users to forward their X_API_KEY and tweet content to Xquik's servers. If Xquik ever has a breach or goes rogue, any user who set TWITTER_BACKEND=xquik is exposed.

This isn't a blocker on its own — it's the same trust decision users make with any third-party API key dependency. But it's worth calling out in docs so users know what they're opting into.

Suggestion: if you can add a short note to the PR (or directly in adapters/twitter.py above _publish_with_xquik) that says something like:

TWITTER_BACKEND=xquik routes your tweet content and API key through the Xquik proxy (xquik.com). Review their privacy policy before enabling in production.

…then I'm comfortable approving this. Happy to have you add it or I can push a docs commit on top.

Thanks for the clean, well-tested PR @kriptoburak.

@kriptoburak

Copy link
Copy Markdown
Author

If this is useful and you merge it after checks pass, feel free to share the PR on X/Twitter and mention my handle, burakbayir. I can repost or retweet it to my 24k followers of developers and power users, which may help more relevant users discover this repo.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants