Thanks for considering a contribution. OpenAgentLock is a security-focused project; please open a GitHub issue first for anything beyond a small fix so we can align on scope.
Three languages, one repo:
cli/— TypeScript on Bun.bun install,bun run typecheck,bun test.control-plane/— Go.go vet ./... && go test -race ./.... Requires the Rust ledger built first; seeledger/README.md.ledger/— Rust (edition 2021).cargo test.
You'll need:
- Bun >= 1.1
- Go >= 1.21
- Rust >= 1.85
- Docker (for control-plane)
- Fork + branch from
main. - Add tests for any net-new behavior. Detection logic is the only area where stub-first is acceptable; it has regression tests now.
bun test,cargo test, andgo test -racemust pass before review.- Open a PR with a clear summary. CI runs
ci.ymlon each push.
For changes that ship or unship a public surface, update the status contract in the same PR:
README.md"What ships today"docs/status.md- Any affected guide/reference page under
docs/guide/ordocs/reference/
- Bugs / feature requests: open a GitHub issue at https://github.com/openagentlock/OpenAgentLock/issues.
- Security vulnerabilities: see
SECURITY.md. Please do not open a public issue for security reports.
By contributing you agree that your contributions are licensed under the FSL-1.1-Apache-2.0 found in LICENSE.