Contributing

Pull requests are welcome. But please read the CycloneDX contributing guidelines first.

Setup

This project uses poetry. Have it installed and setup first.

To install dev-dependencies and tools:

poetry install --all-extras

Code style

This project uses PEP8 Style Guide for Python Code.
This project loves sorted imports.
Get it all applied via:

poetry run isort .
poetry run autopep8 -ir cyclonedx/ tests/ typings/ examples/

This project prefers f'strings' over 'string'.format().
This project prefers 'single quotes' over "double quotes".
This project prefers lower_snake_case variable names.

Documentation

This project uses Sphinx to generate documentation which is automatically published to readthedocs.io.

Source for documentation is stored in the docs folder in RST format.

You can generate the documentation locally by running:

cd docs
pip install -r requirements.txt
make html

Testing

Run all tests in dedicated environments, via:

poetry run tox run

Sign off your commits

Please sign off your commits, to show that you agree to publish your changes under the current terms and licenses of the project , and to indicate agreement with Developer Certificate of Origin (DCO).

git commit --signed-off ...

Pre-commit hooks

If you like to take advantage of pre-commit hooks, you can do so to cover most of the topics on this page when contributing.

pre-commit install

All our pre-commit checks will run locally before you can commit!