Intelliscan / CONTRIBUTING.md
simoox's picture
Upload 204 files
5e0bd20 verified
|
Raw
History Blame Contribute Delete
3.35 kB
# Contributing to IntelliScan
Thank you for your interest in contributing to IntelliScan! This document outlines the process and guidelines for contributing.
## Code of Conduct
- Be respectful and constructive in all interactions
- Focus on what is best for the community and the project
- Show empathy towards other community members
## How to Contribute
### Reporting Bugs
Before submitting a bug report:
1. **Search existing issues** to avoid duplicates
2. **Verify reproduction** on the latest version
3. **Test against DVWA** in Docker to isolate from environment issues
When opening a bug report, include:
- Python version and OS
- Full stack trace if applicable
- Minimal reproduction steps
- Expected vs actual behavior
### Suggesting Features
Feature requests are welcome! Please:
1. Check the [Roadmap](README.md#roadmap) first
2. Open an issue with the `enhancement` label
3. Describe the use case and motivation
4. If possible, sketch the API or behavior
### Submitting Pull Requests
1. **Fork the repo** and create a feature branch:
```bash
git checkout -b feature/my-feature
```
2. **Set up the dev environment**:
```bash
pip install -r requirements-dev.txt
pre-commit install
```
3. **Make your changes** with:
- Clear, focused commits
- Type hints where applicable
- Docstrings for public functions/classes
- Tests for new functionality
4. **Run the test suite**:
```bash
pytest tests/ --cov=intelliscan
black intelliscan/
ruff check intelliscan/
```
5. **Submit the PR** with:
- A clear title and description
- Reference to any related issue
- Screenshots/output examples if UI-related
## Coding Standards
### Python Style
- **Formatter**: Black (default settings)
- **Linter**: Ruff (config in `pyproject.toml`)
- **Type hints**: required for public APIs, recommended elsewhere
- **Docstrings**: required for modules, classes, and public functions (numpy style)
- **Line length**: 100 characters
### Module Structure
Every module should:
1. Start with a docstring describing its purpose
2. Use absolute imports
3. Define a clear public API via `__all__` if non-trivial
4. Include a CLI entry point (`if __name__ == "__main__":`) if usable standalone
### Tests
- Place tests in `tests/test_<module>.py`
- Use pytest fixtures from `conftest.py`
- Aim for >80% coverage on new code
- Mock network calls in unit tests; integration tests can use DVWA
## Adding a New Vulnerability Type
To add support for a new vulnerability class (e.g., CSRF, SSRF):
1. **Add payloads** in `payloads/<vuln_type>.txt`
2. **Update `config.py`**:
- Add to `PAYLOAD_FILES`
- Add to `DVWA_FORMS` (target endpoint)
- Add to `SEVERITY`
- Add detection signatures if applicable
3. **Update `analyzer.py`**:
- Add a `_detect_<vuln_type>` static method
- Wire it into `_classify`
4. **Add tests** in `tests/test_analyzer.py`
5. **Update README** comparison tables and documentation
## Releasing
(For maintainers)
1. Update version in `intelliscan/__init__.py` and `setup.py`
2. Update `CHANGELOG.md`
3. Tag the release: `git tag v1.x.y && git push --tags`
4. GitHub Actions will publish the Docker image
## Questions?
Open a [GitHub Discussion](https://github.com/sabkari-mohamed/intelliscan/discussions) or reach out via the contact info in the README.