Contributing Guide
Learn how to contribute to the Coach project
Getting Started
We welcome contributions from developers of all skill levels. Here's how to get started:
1. Fork the Repository
Start by forking the repository to your GitHub account.
# Clone your fork
git clone https://github.com/YOUR_USERNAME/coach.git
cd coach
# Add the upstream repository
git remote add upstream https://github.com/coach/coach.git
2. Set Up Development Environment
Set up the frontend and backend development environments:
# Frontend setup
cd frontend
npm install
npm run dev
# In a new terminal, set up the backend
cd backend
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
pip install -r requirements.txt
python -m uvicorn app.main:app --reload
3. Create a Feature Branch
Always create a new branch for your changes:
git checkout -b feature/your-feature-name
# or for a bugfix
git checkout -b fix/issue-description
Development Guidelines
Follow these guidelines to ensure your contributions align with our project standards:
Code Style
Frontend (Next.js)
- •Follow the ESLint and Prettier configurations
- •Use TypeScript for all new components
- •Follow the component structure in the codebase
Backend (FastAPI)
- •Follow PEP 8 style guidelines
- •Use type hints for all function parameters and returns
- •Write docstrings for all public functions and classes
Testing
All new features and bug fixes should include appropriate tests:
Frontend Tests
# Run tests
npm test
# Run tests with coverage
npm test -- --coverage
Backend Tests
# Run pytest
cd backend
pytest
# Run with coverage
pytest --cov=app tests/
Commit Messages
We follow conventional commits for clear and structured history:
feat: add new vulnerability detection for SQL injection
fix: resolve false positive in path traversal detection
docs: update API documentation
test: add tests for XSS detection
refactor: improve performance of scanning process
chore: update dependencies
Pull Request Process
Follow these steps when submitting your contribution:
1. Keep PRs Focused
Each pull request should address a single concern. Don't combine multiple features or fixes unless they're closely related.
2. Update Documentation
When adding or modifying features, make sure to update the relevant documentation. This includes code comments, API docs, and user guides.
3. PR Description Template
Use our PR template to provide all necessary information:
## Description
[Describe the changes you've made]
## Related Issue
Fixes #[issue number]
## Type of Change
- [ ] Bug fix
- [ ] New feature
- [ ] Documentation update
- [ ] Performance improvement
- [ ] Code refactoring
## Testing
[Describe the tests you ran and how to reproduce]
## Screenshots (if applicable)
## Checklist
- [ ] My code follows the project's style guidelines
- [ ] I have performed a self-review of my code
- [ ] I have commented my code where necessary
- [ ] I have updated the documentation
- [ ] My changes generate no new warnings
- [ ] I have added tests that prove my fix or feature works
- [ ] New and existing tests pass with my changes
Working with Gemini API Integration
When working with the AI components, keep these guidelines in mind:
API Key Management
Never commit API keys to the repository. We use environment variables for all sensitive credentials.
# Example of proper API key usage
import os
from google.generativeai import configure
api_key = os.environ.get("GEMINI_API_KEY")
if not api_key:
raise ValueError("GEMINI_API_KEY environment variable is not set")
configure(api_key=api_key)
Prompt Engineering
When updating or adding new prompts for the Gemini API, follow these best practices:
- •Be specific and provide clear context in the prompt
- •Include relevant code snippets for context when analyzing vulnerabilities
- •Document prompt reasoning in code comments to help other contributors understand your approach
Getting Help
If you need help or have questions about the contribution process:
Open an Issue
If you have a specific question about implementing a feature, feel free to open a discussion issue on GitHub.