Contributing to Coffer
Thanks for your interest in Coffer. This page is the human contributor entry point. AI agents (Claude Code, Codex, Cursor) should read AGENTS.md in the repository root instead.
Quick Start
git clone https://github.com/wyx-sg/Coffer.git
cd Coffer
make install # venv + backend deps
make hooks # wire pre-commit + commit-msg hooks
make dev # backend daemon (:8000)Project Anchors
.specify/memory/constitution.md— what Coffer is and what it must never become.AGENTS.md— operating manual; humans can read it too, the rules apply equally.
Workflow
Every contribution follows the same six steps:
- Branch off
main(see Conventional Commits & git workflow for naming conventions). - Write or update the spec first if the change is user-visible — see Spec-driven development. Every feature starts with a spec; code follows the spec, not the other way around.
- Implement, with tests in the right tier.
- Run
make verify-alllocally. - Open a PR; the title must follow Conventional Commits format.
- Wait for review. Branches are squash-merged into
main.
Conventional Commits
PR titles and commit subjects must follow the Conventional Commits specification: type(scope): description. The pre-commit hook enforces this. See Conventional Commits & git workflow for the full rules, branch naming, and merge policy.
Spec-driven development (SDD)
All user-visible changes require a spec — a specs/<NNN>-<short-name>/spec.md — to be written or updated before implementation begins. The spec is the contract; the implementation must satisfy it. See Spec-driven development for the full SDD discipline.
Testing
Four tiers, run before opening a PR:
make verify-unit # < 5s
make verify-integration # < 30s
make verify-contract # < 5s
make verify-e2e # MCP shim + daemon round-trip
make verify # unit + integration + contract (skip e2e)
make verify-all # everythingSecurity
Do not open public GitHub issues for security findings. See Security.
License
By contributing, you agree your contributions are licensed under the MIT License.