Contributing
Last updated
Was this helpful?
Last updated
Was this helpful?
First off, thank you for considering contributing to Sandworm.
Following these guidelines helps to communicate that you respect the time of the developers managing and developing this open source project. In return, they should reciprocate that respect in addressing your issue, assessing changes, and helping you finalize your pull requests.
Sandworm is an open source project and we love to receive contributions from our community. There are many ways to contribute, from writing tutorials or blog posts, improving the documentation, submitting bug reports and feature requests or writing code which can be incorporated into Sandworm itself.
If you find a security issue or a vulnerability in Sandworm, please do NOT open an issue. See instead.
When filing an issue with our GitHub issue tracker, make sure to answer these five questions:
What version of Sandworm are you using?
What Node version or browser version are you using?
What did you do?
What did you expect to see?
What did you see instead?
Please add the bug
label to all bug-reporting issues.
Contributor responsibilities:
Ensure cross-platform compatibility for every change you make (Node 10+ & all recent major browsers).
Create issues for any major changes and enhancements that you wish to make. Discuss things transparently and get community feedback.
Keep feature versions as small as possible, preferably one new feature per version.
To contribute on an issue:
Create your own fork of the code.
Run yarn build
to build the Sandworm lib. Run yarn dev
to watch the source files and rebuild automatically.
Do the changes in your fork.
Be sure you have followed the code style for the project:
We use Prettier for formatting (see .prettierrc
).
Everything's enforced via ESLint - run yarn lint
to lint everything.
Send a pull request!
If a maintainer asks you to "rebase" your PR, they're saying that a lot of code has changed, and that you need to update your branch so it's easier to merge.
cli
The Inspector CLI tool sources
cli/index.js
The Inspector server
cli/frontend
The Inspector React app
dist
Built lib lives here
scripts
Various utility scripts
src
Sandworm core code
src/library
Definitions for all supported methods
tests
Automated tests
Sandworm has several types of test automation you need to consider:
Located under tests/node
Update these if you've added or modified any supported Node functions (under src/library/node.js
)
Each supported function should ideally have two associated test files:
function.capture.test.js
, where we test that the function is intercepted by Sandworm, is allowed, and works in dev mode
function.enforce.test.js
, where, with devMode=false
we test that:
a function call throws without the proper permissions
a function call is allowed and works with the proper permissions
These run against the built Sandworm lib, so run yarn build
or yarn dev
to automatically rebuild when updating sources
In the CI, these will execute under multiple Node versions, starting with 10.14
Run the suites with yarn test-node-capture
, yarn test-node-enforce
, or both with yarn test-node-ce
Located under tests/web
Update these if you've added or modified any supported web functions (under src/library/web.js
)
Notes above on Node tests also apply here
Run the suites with yarn test-web
Located under tests/unit
Update these if you've made changes to the Sandworm core (under src
)
When fixing a bug, please provide at least one test that would fail without the proposed fix, but passes with it applied
When adding a feature, please provide at least one test for each significant new functionality introduced
Run with yarn test-node-unit
To run all tests in a single go, use yarn test-all
.
cd
to cli/frontend
, and:
yarn install
yarn watch
to rebuild the app automatically
cd
to cli
and run ./index.js
The server script also serves the built React app. You'll need to manually refresh the browser to get updates whenever you make changes.
If you find yourself wishing for a feature that doesn't exist in Sandworm, you are probably not alone. Please which describes the feature you would like to see, why you need it, and how it should work.
Be welcoming to newcomers and encourage diverse new contributors from all backgrounds. See the .
See below.
We use a slightly modified version of the for all the core code, and for the Inspector React app.
Commits should follow the specification.
Note the .
Working on your first Pull Request? You can learn how from this free series, .
Run with
Run with
Run with
This Contributing document is adapted from .