f34f6abfb2
Root-level docs added per production-readiness audit: - CHANGELOG.md — unreleased + pointer to git tags - CONTRIBUTING.md — setup + PR checklist + Constructor Pattern - SECURITY.md — reporting channel + threat model + known RUSTSEC list cargo update applied: 19 patch/minor bumps (base64urlsafedata, blake3, cc, crc-catalog, digest, filetime, h2, hashbrown, hybrid-array, idna_adapter, js-sys, kqueue-sys, libc, nix, openssl, openssl-sys, pin-project, pin-project-internal, redox_syscall). 9 RUSTSEC advisories from transitive deps remain (rsa 0.9 Marvin, rustls-webpki x5, sqlx 0.8 Binary Protocol, async-std discontinued, lru unsound IterMut, fxhash/instant unmaintained) — require major-version bumps in direct deps, tracked in SECURITY.md "Known advisories" section.
30 lines
945 B
Markdown
30 lines
945 B
Markdown
# Contributing
|
|
|
|
This is a working monorepo (Rust + TypeScript + bash hooks + agent manifests). PRs accepted via Forgejo or GitHub.
|
|
|
|
## Setup
|
|
|
|
```bash
|
|
git clone <repo>
|
|
cd KeiSeiKit-public
|
|
cargo check --workspace
|
|
cd _ts_packages && pnpm install
|
|
```
|
|
|
|
## Before opening a PR
|
|
|
|
- `cargo check --workspace` clean
|
|
- `cargo test --workspace --no-fail-fast` all green
|
|
- `cargo audit` no critical CVEs
|
|
- Constructor Pattern: ≤200 LOC per file, ≤30 LOC per function
|
|
- Conventional commit prefix: `feat:` / `fix:` / `chore:` / `refactor:` / `docs:` / `test:`
|
|
|
|
## Code style
|
|
|
|
- Rust: `rustfmt` default, `clippy -W clippy::all`
|
|
- TypeScript: project-local `tsconfig.json`, no broad `any`
|
|
- Bash: `bash -n` syntax check, prefer POSIX `sh` when possible
|
|
|
|
## Security
|
|
|
|
Never commit secrets. All tokens live in `~/.claude/secrets/.env` or `<repo>/secrets/*.env` — referenced by env var name only. See `docs/SECURITY.md` for the secret-pattern detector spec.
|