docs: add CONTRIBUTING.md guide#28
docs: add CONTRIBUTING.md guide#28arunsanna wants to merge 2 commits intoGenAI-Security-Project:mainfrom
Conversation
Comprehensive contribution guide covering: - Quick start setup (Docker and local) - Branch naming conventions - PR process and commit message format - Code standards (imports, output conventions) - Project architecture overview - Build and run instructions - Areas welcoming contributions - Issue reporting guidelines - Community links
- Add Contributing section with link to guide - Fix issue tracker URL (was pointing to old repo)
There was a problem hiding this comment.
Pull request overview
This PR adds a CONTRIBUTING guide to help new contributors understand how to set up the project, follow the development workflow, and align with code standards and architecture.
Changes:
- Introduces a comprehensive
CONTRIBUTING.mdwith quick start instructions, branching and commit conventions, and contribution areas. - Documents code style guidance, output/logging conventions, and an overview of the project’s architecture.
- Adds build/run instructions for both Docker-based and local development workflows.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| ### Local Development | ||
|
|
||
| ```bash | ||
| cd HF_files/aibom-generator | ||
| pip install -r requirements.txt | ||
|
|
||
| # Run API server | ||
| python -m uvicorn src.aibom_generator.api:app --reload --port 7860 | ||
|
|
||
| # Or use CLI | ||
| python -m src.aibom_generator.cli --model_id "microsoft/DialoGPT-medium" |
There was a problem hiding this comment.
The local development commands here reference the src.aibom_generator module, but in the repository the package directory is currently named src/aibom-generator, so following these steps outside Docker will raise a ModuleNotFoundError unless the directory is renamed or the instructions are updated to match the actual package/module path (or to include the same rename logic used in the Dockerfile).
| ``` | ||
| HF_files/aibom-generator/ | ||
| ├── src/aibom-generator/ | ||
| │ ├── generator.py # Core AIBOM generation | ||
| │ ├── enhanced_extractor.py # Metadata extraction | ||
| │ ├── field_registry.json # Registry-driven field definitions | ||
| │ ├── api.py # FastAPI endpoints | ||
| │ ├── cli.py # Command-line interface | ||
| │ ├── utils.py # Completeness scoring | ||
| │ └── validation.py # CycloneDX schema validation |
There was a problem hiding this comment.
This architecture diagram lists a validation.py module for CycloneDX schema validation, but there is no validation.py file under src/aibom-generator/ in the current tree; the validation logic appears to live in other modules (for example utilities), so this reference should be updated to point to the actual implementing module(s) to avoid confusing new contributors.
✅ Testing CompletedDeployed and tested on personal HF Space: https://megamind1-aibom-generator-test.hf.space Test ResultsPR #28 Verification:
Link Validation Results:
Functional Test:
Ready for review and merge. |
Reapply of PR GenAI-Security-Project#28 with updates for v0.2 project structure. - Development setup (Docker + local) - Branch naming and PR workflow conventions - Code standards (Python style, logging, imports) - Updated project architecture diagram for v0.2 - Testing instructions - Areas welcoming contributions - Community links including weekly call info
Status Update: Reapplied to v0.2The CONTRIBUTING.md guide has been reapplied to the v0.2 branch in PR #36. Updates for v0.2:
This PR can be closed in favor of PR #36 which targets v0.2. |
2 participants
Summary
Content Overview
Test Plan