Thanks for improving Xelma. This document explains the expected workflow for contributors and maintainers.
- Open or reference an issue describing the change.
- Keep changes focused and easy to review.
- For contract changes, include or update tests.
Blank issues are disabled. Pick the template that matches your work so every backlog item ships with the technical detail maintainers need to triage it:
- Bug report — a reproducible defect in contract, bindings, or CI.
- Feature request — a general enhancement to logic, tooling, or docs.
- Protocol improvement — changes to contract logic, economics, or lifecycle.
- Security hardening task — public, non-sensitive defense-in-depth work. (Never disclose exploitable vulnerabilities publicly — use the private path in SUPPORT.md.)
- Test task — additional unit, property, chaos, or benchmark coverage.
The protocol, security, and test templates require risk, scope, acceptance criteria, and a test plan. Issues missing these fields may be sent back for detail before they are picked up.
- Fork and clone the repository.
- Install Rust and Node.js dependencies.
- Run local validation before opening a PR:
```bash
cargo test --workspace
cargo clippy --workspace --all-targets -- -D warnings
cargo fmt --all -- --check
cd bindings && npm ci && npm run build
cd bindings && npm run test:parity   # ABI drift check; mirrors the CI bindings-test job
```
Before opening a PR, consult docs/CONTRIBUTOR_TASK_MATRIX.md for task-type-specific test and evidence requirements.
The CI security-audit job runs two checks that maintainers and contributors can reproduce locally.
```bash
# Install once (pin matches CI CARGO_AUDIT_VERSION in .github/workflows/ci.yml)
cargo install cargo-audit --version 0.22.2 --locked
# Run from the repo root
cargo audit --deny warnings
```
Findings map to RustSec advisories. A non-zero exit means at least one advisory-level issue was found. Review the output and update or replace the affected crate, or add an audit.toml ignore entry with a justification comment if the advisory does not apply to this project.
```bash
cargo clippy --workspace --all-targets --locked -- \
  -D clippy::unwrap_used \
  -D clippy::expect_used \
  -D clippy::panic \
  -D clippy::integer_arithmetic \
  -W clippy::arithmetic_side_effects \
  -W clippy::cast_possible_truncation \
  -W clippy::cast_sign_loss
```
These lints catch patterns that are benign in general Rust but unsafe in smart-contract contexts (silent panics, unchecked integer operations, sign loss on casts). The `-W` lints are surfaced as warnings in the audit job output; the `-D` lints are treated as errors and will fail the job.
Note: These lints are stricter than the standard `cargo clippy -- -D warnings` run in the `rust-test` job. It is normal for code that passes standard clippy to have findings here. Fix or document each finding before merging contract changes.
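To make the difference between the two clippy runs concrete, here is an added example (not code from the Xelma repository) of one balance update written twice: `credit_unchecked` uses the patterns the strict lint set flags, and `credit` is the form that passes it. The `Ledger`, `Balance` and `LedgerError` names are assumptions made for this illustration, not project types.

```rust
// Added example, not part of the Xelma contract crate. `Ledger`, `Balance`
// and `LedgerError` are hypothetical names chosen for the illustration.
use std::collections::HashMap;

/// Hypothetical error type: every failure mode is explicit and returned,
/// never panicked, so the contract's caller decides what happens.
#[derive(Debug, PartialEq, Eq)]
pub enum LedgerError {
    UnknownAccount,
    Overflow,
    AmountTooLarge,
}

pub type Balance = u64;

/// Hypothetical in-memory ledger keyed by account id.
#[derive(Default)]
pub struct Ledger {
    balances: HashMap<String, Balance>,
}

impl Ledger {
    /// Constructs a ledger holding a single funded account (test fixture).
    pub fn with_balance(account: &str, amount: Balance) -> Self {
        let mut ledger = Self::default();
        ledger.balances.insert(account.to_string(), amount);
        ledger
    }

    /// Flagged by the strict run (the `allow` only keeps this illustration
    /// compiling under the lint set):
    /// - `unwrap_used`: a missing account panics instead of returning an error
    /// - `integer_arithmetic` / `arithmetic_side_effects`: `+` can overflow and
    ///   silently wraps in release builds
    /// - `cast_sign_loss`: `amount as u64` turns a negative amount into a huge credit
    /// - `cast_possible_truncation`: `as u32` on the stored balance drops high bits
    #[allow(
        clippy::unwrap_used,
        clippy::arithmetic_side_effects,
        clippy::cast_possible_truncation,
        clippy::cast_sign_loss
    )]
    pub fn credit_unchecked(&mut self, account: &str, amount: i64) -> u32 {
        let current = self.balances.get_mut(account).unwrap();
        *current = *current + amount as u64;
        *current as u32
    }

    /// Lint-clean form: fallible conversion, explicit lookup error, and
    /// checked addition, so no path can panic or wrap.
    pub fn credit(&mut self, account: &str, amount: i64) -> Result<Balance, LedgerError> {
        let amount = Balance::try_from(amount).map_err(|_| LedgerError::AmountTooLarge)?;
        let current = self
            .balances
            .get_mut(account)
            .ok_or(LedgerError::UnknownAccount)?;
        let updated = current.checked_add(amount).ok_or(LedgerError::Overflow)?;
        *current = updated;
        Ok(updated)
    }
}
```

Running the strict clippy command above against a crate containing `credit_unchecked` without the `allow` attribute fails on the `-D` lints and reports the casts as warnings; `credit` produces no findings. The `with_balance` fixture lets you exercise both paths locally, including the overflow and truncation cases.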
The contract crate name is xelma-contract. Do not reintroduce legacy crate naming in build scripts, docs, or CI commands.
- Link the issue(s) the PR closes.
- Describe behavioral impact and migration assumptions.
- Include test evidence for the changed behavior.
- Keep generated build artifacts out of commits (target/, bindings/dist/, etc.).
- For contract ABI, storage, or event changes, classify the impact (MAJOR/MINOR/PATCH) using COMPATIBILITY_POLICY.md and bump Cargo.toml accordingly.
- At least one maintainer approval is required for non-trivial changes.
- Contract, CI, or release workflow changes require review from a listed code owner.
- Maintainers may request follow-up hardening before merge when security or correctness risk exists.
Do not open public issues for vulnerabilities. Follow the process in SUPPORT.md and repository security policy/disclosure instructions.