First off, thank you for considering contributing to LLMGuardian! It's people like you who make LLMGuardian a great tool for protecting LLM applications. This document provides guidelines and steps for contributing.
By participating in this project, you agree to abide by our Code of Conduct. We are committed to providing a welcoming and inclusive environment for everyone. Key points:
- Be respectful and inclusive
- Use welcoming and inclusive language
- Be collaborative
- Focus on what is best for the community
- Show empathy towards other community members
Before creating bug reports, please check the existing issues to avoid duplicates. When you create a bug report, include as many details as possible:
- A clear and descriptive title
- Exact steps to reproduce the problem
- Expected behavior vs actual behavior
- Code samples and test cases if applicable
- Your environment details (OS, Python version, etc.)
If you have ideas for new features or improvements:
- Check existing issues and discussions first
- Provide a clear and detailed explanation of the feature
- Include examples of how the feature would be used
- Explain why this enhancement would be useful to LLMGuardian users
- Fork the repository
- Create a new branch for your feature or fix
- Write clear, documented, and tested code
- Follow our coding conventions (detailed below)
- Submit a pull request with a clear description of the changes
- Follow PEP 8 style guide
- Use type hints
- Write docstrings for all public methods and classes
- Keep functions focused and single-purpose
- Use descriptive variable names
- Write unit tests for all new functionality
- Maintain or improve test coverage
- Tests must pass in CI pipeline
- Include both positive and negative test cases
- Test edge cases and potential security implications
As LLMGuardian is a security tool, we have strict requirements:
- No malicious code or backdoors
- All dependencies must be vetted and approved
- Security-sensitive code requires additional review
- Follow secure coding practices
- Document security implications of changes
- Regular security testing and validation
- Update README.md if adding new features
- Include docstrings in code
- Update relevant documentation files
- Provide examples for new functionality
- Document security considerations
- Use clear and descriptive commit messages
- Reference issue numbers when applicable
- Use present tense ("Add feature" not "Added feature")
- Keep commits focused and atomic
-
Set up your development environment:
python -m venv venv source venv/bin/activate # or `venv\Scripts\activate` on Windows pip install -r requirements-dev.txt
-
Run tests locally:
pytest
-
Check code style:
flake8 black . isort .
- Update documentation to reflect changes
- Add tests for new functionality
- Ensure all tests pass
- Update CHANGELOG.md
- Get at least one code review
- Squash commits if requested
- Address review feedback
Releases are handled by maintainers following the semantic versioning (SemVer) system.
We use the MIT License - see the LICENSE file for details. When you contribute code, you agree to license your contribution under the same terms.
If you need help with your contribution:
- Check the documentation
- Open a discussion on GitHub
- Join our community chat
- Ask questions in issues
Check our roadmap and project board for planned features and enhancements. This can help you find areas where your contributions would be most valuable.
Thank you for contributing to LLMGuardian! Together we can make LLM applications more secure for everyone.