Skip to content

CONTRIBUTING.md

Latest commit

 

History

History
61 lines (38 loc) · 2.45 KB

CONTRIBUTING.md

File metadata and controls

61 lines (38 loc) · 2.45 KB

Contributing to Signos Verify

Thanks for your interest. This repo is the public mirror of the Signos verification frontend; the canonical source lives in a private monorepo, and changes are synced down via GitHub Actions.

How the sync works

backend-servers/verify-frontend/ in the upstream monorepo → Signos-app/verify (this repo).

Files maintained only here (not synced from upstream):

  • README.md
  • LICENSE
  • CONTRIBUTING.md
  • SECURITY.md
  • CODE_OF_CONDUCT.md
  • .github/

Everything else (src/, public/, package.json, build configs) gets overwritten on each sync. Edit those upstream by opening a PR with the change, or open an issue here describing what you'd like to change.

Filing issues

  • Bug: verification produces a wrong result, the page errors out, a sealed file doesn't load, etc. Use the bug report template in .github/ISSUE_TEMPLATE/. Please include the file (if you can share it) or at least its hash.
  • Feature: ideas for new verification checks, supported formats, or UX improvements. Use the feature request template.
  • Security: do not file a public issue. See SECURITY.md.

Submitting pull requests

PRs against community files (README, CONTRIBUTING, SECURITY, CODE_OF_CONDUCT, .github/) are merged here directly.

PRs against the source code (src/, public/, configs) are reviewed and, if accepted, applied upstream in the monorepo. The change re-syncs to this repo automatically. We'll close your PR with a comment when this happens — your contribution is still attributed in the upstream commit history.

Local development

npm install
npm run dev

Open http://localhost:5173. Drag a Signos-sealed file onto the page to test.

Tests

npm test

Runs Vitest unit tests for the verification logic.

Code style

  • TypeScript, strict mode
  • Functional / module-pattern preferred over classes (existing code uses this)
  • No dependencies added without discussion (we keep the bundle minimal)

Privacy guard

The upstream sync workflow runs a privacy guard that blocks any content matching personal identity strings from being pushed to this repo. If you're a Signos team member working on the upstream codebase, do not include local paths or developer names in source files — the sync will fail and so will the build.

Code of conduct

By participating, you agree to abide by our Code of Conduct. Contact russ@signos.app for any concerns.