Thank you for your interest in contributing to the Smart Swimming Pool Controller project! 🏊♂️
This document provides guidelines for contributing to the project. Please read it carefully before submitting your first pull request.
- Code of Conduct
- How to Contribute
- Getting Started
- Development Workflow
- Coding Standards
- Security Guidelines
- Testing
- Pull Request Process
- Review Process
- Commit Message Guidelines
- Quality Gates
- Resources
This project adheres to the Contributor Covenant. By participating, you are expected to uphold this code. Please report unacceptable behavior to project maintainers.
See also: code-of-conduct.md
- Check existing issues: Search GitHub Issues before creating a new one
- Use the issue template: Provide detailed information about the bug
- Include:
- Firmware version (from Web Dashboard or serial monitor)
- Hardware setup (ESP32 model, relay module, sensors)
- Steps to reproduce
- Serial monitor output (if applicable)
- Screenshots (if UI-related)
- Check the roadmap: See README.md for planned features
- Discuss first: Open a GitHub Discussion to discuss your idea
- Check for duplicates: Search existing issues and PRs
- Fork the repository: Create your own fork
- Create a feature branch: Use descriptive branch names
(e.g.,
feat/add-timer-functionality) - Follow coding standards: See Coding Guidelines
- Test your changes: Ensure all tests pass
- Update documentation: Keep docs in sync with code changes
- PlatformIO installed
- Git installed
- Basic knowledge of C++ and ESP32 development
- Understanding of MQTT protocol (for Home Assistant integration)
# Clone the repository
git clone https://github.com/smart-swimmingpool/pool-controller.git
cd pool-controller
# Install dependencies (handled by PlatformIO)
pio run -e esp32dev
# Run local linting
make lint-fix && make lint
# Build the project
make buildpool-controller/
├── src/ # Source code
│ ├── PoolController/ # Main controller classes
│ ├── Nodes/ # Sensor and relay nodes
│ └── main.cpp # Entry point
├── data/ # Web assets and configuration
│ └── web/ # Web interface files
├── docs/ # Documentation
├── .github/ # GitHub configuration
│ ├── CODING_GUIDELINES.md # Coding standards
│ └── workflows/ # CI/CD workflows
├── platformio.ini # PlatformIO configuration
└── README.md # Project overview
# From main branch
git checkout main
git pull origin main
# Create new feature branch
git checkout -b feat/your-feature-nameBranch Naming Conventions:
feat/- New featuresfix/- Bug fixesdocs/- Documentation updatesrefactor/- Code refactoringchore/- Maintenance taskssecurity/- Security-related changes
- Follow Coding Guidelines
- Keep changes focused and minimal
- Update relevant documentation
- Add tests if applicable
# Auto-fix linting issues
make lint-fix
# Verify linting passes
make lint
# Build for ESP32
make build
# Clean up
make cleanFollow Conventional Commits guidelines.
git push origin feat/your-feature-name- Go to GitHub Pull Requests
- Click "New Pull Request"
- Select your branch
- Fill out the PR template
- Link to any related issues
- Follow existing patterns: Match the style and architecture of existing code
- Keep it simple: Prefer simple, readable code over clever optimizations
- Document your code: Use meaningful comments and docstrings
- Handle errors gracefully: Don't ignore error conditions
See CODING_GUIDELINES.md for detailed C++ standards.
Key Rules:
- Maximum line length: 130 characters (clang-format)
- Indentation: 2 spaces (no tabs)
- Brace style: K&R (opening brace on same line)
- Pointer alignment: Left (
int* ptr) - Use
nullptrinstead ofNULL - Use fixed-width types (
uint32_t,int16_t, etc.)
- Avoid heap fragmentation: Minimize
Stringusage in hot paths - Use
constexpr: For compile-time constants - Watchdog awareness: Feed the watchdog in long operations
- Memory constraints: ESP32 has ~320KB RAM - be mindful of allocations
- Never hardcode credentials: Use configuration files or secure storage
- Validate all inputs: Especially from network sources
- Use secure protocols: TLS for MQTT, HTTPS for web
- Sanitize outputs: Prevent injection attacks
DO NOT report security vulnerabilities through public GitHub issues. Instead:
- Private disclosure: Email the maintainers directly
- Responsible disclosure: Allow reasonable time for fixes
- Coordinate: Work with maintainers on the fix
- Credentials: Never commit passwords, API keys, or secrets
- Gitleaks: Run
gitleaks detect --source .before committing - CodeQL: Security analysis runs automatically in CI
- Dependencies: Keep dependencies updated (Dependabot enabled)
- No hardcoded credentials or secrets
- Input validation for all user inputs
- Secure communication protocols used
- Error messages don't reveal sensitive information
- Logging doesn't contain sensitive data
- Memory management prevents leaks
See also: Security References
# Build and run tests
make build
# Run PlatformIO tests
pio test- Unit tests: For core functionality (native build)
- Integration tests: For component interactions
- Manual testing: For hardware-specific features
- All existing tests must pass
- New features should include tests
- Bug fixes should include regression tests
- Self-review: Check your own code
- Run linting:
make lint-fix && make lint - Build successfully:
make build - Test changes: Ensure all tests pass
- Update docs: Keep documentation in sync
Use the GitHub PR template and include:
- Clear title: Descriptive and concise
- Detailed description: What, why, and how
- Related issues: Link to any relevant issues
- Breaking changes: Note any breaking changes
- Testing: How you tested the changes
- Green CI: All GitHub Actions must pass
- No merge conflicts: Rebase if necessary
- Proper commits: Follow commit message guidelines
- Code review: At least one approval required
-
Code Quality
- Follows coding standards
- Clean, readable code
- Proper error handling
- Good documentation
-
Functionality
- Does it work as intended?
- Are there edge cases to consider?
- Is the implementation efficient?
-
Security
- No security vulnerabilities
- Proper input validation
- Secure defaults
-
Testing
- Are there tests?
- Do existing tests still pass?
- Is the code testable?
-
Documentation
- Is documentation updated?
- Are there clear commit messages?
- Is the PR description informative?
- Small changes: Typically reviewed within 1-2 days
- Large changes: May take longer, especially for complex features
- Security changes: Require thorough review
- Be responsive: Reply to review comments promptly
- Make changes: Update your PR based on feedback
- Push updates: Amend commits or add new ones
- Notify reviewers: Tag reviewers when ready for re-review
We follow Conventional Commits format:
type(scope): subject
body
footer
feat: New featurefix: Bug fixdocs: Documentation only changesstyle: Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)refactor: Code change that neither fixes a bug nor adds a featureperf: Code change that improves performancetest: Adding missing testschore: Changes to the build process or auxiliary toolsrevert: Reverts a previous commitsecurity: Security-related changes
# Good commit messages
feat(mqtt): Add Home Assistant discovery support
fix(web): Correct session timeout handling
docs: Update hardware guide with new pin assignments
refactor(utils): Extract string formatting functions
security: Add CSRF protection to web portal
chore: Update PlatformIO dependencies- Use imperative mood ("Add feature" not "Added feature")
- Capitalize first letter
- No period at the end
- Keep under 50 characters
- Explain what was changed
- Explain why the change was made
- Reference issues or PRs if applicable
All pull requests must pass the following quality gates:
- EditorConfig: File formatting compliance
- CPP Lint: C++ style checking (cpplint)
- Markdown: Documentation formatting
- YAML: Workflow file validation
- Gitleaks: Secret detection
Run locally:
make lint- Build: Successful compilation for both environments
esp32dev(standard ESP32)norvi_ae01_r(NORVI industrial controller)
Run locally:
make build- Security: No critical security vulnerabilities
- Code Quality: No major code quality issues
- Code Review: At least one approval
- Functionality: Changes work as intended
- Documentation: All docs updated
- README.md - Project overview and quick start
- Quick Start Guide - Step-by-step setup
- Hardware Guide - Assembly and wiring
- MQTT Configuration - Home Assistant setup
- Coding Guidelines - Detailed coding standards
- Security References - Security best practices
- GitHub Discussions
- Ask questions, discuss ideas
- Home Assistant Community
- Smart home integration
- DIY My Smart Home (Medium)
- Project blog
- Smart Swimming Pool Organization
- Other related projects
- Home Assistant
- Smart home platform
Your contributions are valuable and appreciated! All contributors are listed in the contributors graph.
For significant contributions, you may be invited to become a maintainer.
By contributing to this project, you agree that your contributions will be licensed under the MIT License.
📅 Last Updated: 2025-01-15
🤖 Generated by: Vibe Code - IoT Security Analysis
📝 Related PR: #112 - IoT Security & Memory Optimization Analysis