diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 0000000..f98b23f --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,17 @@ +## Description + + +## Type of Change +- [ ] Bug fix (non-breaking change which fixes an issue) +- [ ] New feature (non-breaking change which adds functionality) +- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) +- [ ] Documentation update + +## Checklist +- [ ] My code follows the code style of this project +- [ ] I have performed a self-review of my own code +- [ ] I have commented my code, particularly in hard-to-understand areas +- [ ] I have made corresponding changes to the documentation +- [ ] My changes generate no new warnings +- [ ] I have added tests that prove my fix is effective or that my feature works +- [ ] New and existing unit tests pass locally with my changes diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..95982ac --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,34 @@ +# Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to make participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to a positive environment include: + +* Using welcoming and inclusive language +* Being respectful of differing viewpoints and experiences +* Gracefully accepting constructive criticism +* Focusing on what is best for the community +* Showing empathy towards other community members + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery and unwelcome sexual attention or advances +* Trolling, insulting/derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or electronic address, without explicit permission +* Other conduct which could reasonably be considered inappropriate in a professional setting + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team. All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version] + +[homepage]: http://contributor-covenant.org +[version]: http://contributor-covenant.org/version/1/4/ diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..f0e7879 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,52 @@ +# Contributing to Decent SDK + +Thank you for your interest in contributing to the Decent SDK! We welcome contributions from the community to help us build a better tool for the Decentralized Web. + +## Getting Started + +1. **Fork the repository** on GitHub. +2. **Clone your fork** locally: + ```bash + git clone https://github.com/YOUR_USERNAME/decent-sdk.git + cd decent-sdk + ``` +3. **Install dependencies** using Bun: + ```bash + bun install + ``` + +## Development Workflow + +1. **Create a new branch** for your feature or bugfix: + ```bash + git checkout -b feature/my-new-feature + ``` +2. **Make your changes**. Ensure your code follows the existing style and conventions. +3. **Run tests** to ensure no regressions: + ```bash + bun test + ``` + *Note: Tests currently require a local instance of the Decent API running on port 3005.* + +4. **Lint your code**: + ```bash + bun run lint + ``` + +## Submission Guidelines + +1. **Commit your changes** with clear, descriptive messages. +2. **Push to your fork**: + ```bash + git push origin feature/my-new-feature + ``` +3. **Open a Pull Request** against the `main` branch of the `decent-sdk` repository. +4. Provide a clear title and description for your PR, referencing any related issues. + +## Code Style + +- We use **TypeScript** for type safety. +- We use **ESLint** for linting. +- **No emojis** in code comments, commit messages, or documentation. + +Thank you for contributing! diff --git a/CRITICAL_REVIEW.md b/CRITICAL_REVIEW.md new file mode 100644 index 0000000..b9a4eff --- /dev/null +++ b/CRITICAL_REVIEW.md @@ -0,0 +1,32 @@ +# Critical Review: Decent SDK + +## 1. Executive Summary +The `decent-sdk` repository provides a clean, TypeSript-based SDK for the Decent API, featuring a clear separation between Core logic (Node.js/Vanilla JS compatibility) and React utilities. While the technical foundation is solid, the repository lacks essential open-source health files and professionalism standards (specifically regarding emoji usage in build logs and documentation) required for a mature open-source project. + +## 2. Code Structure & Quality +- **Strengths:** + - **Modular Architecture:** distinct separation between `src/core` and `src/react` allows for tree-shakable builds and usage in non-React environments. + - **Modern Tooling:** Utilization of `Bun` for building and testing is performant and modern. + - **Type Safety:** Comprehensive TypeScript definitions with strict formatting conventions. + +- **Areas for Improvement:** + - **Testing Strategy:** Tests currently appear to rely on a live local backend (`http://localhost:3005`), which makes CI/CD implementation difficult. Mocking network requests would be a significant improvement. + - **Logging:** The `build.ts` script uses emojis in console logs, which disrupts the professional tone requested. + - **Error Handling:** Generic error handling in fetch wrappers could be more typed/granular. + +## 3. Open Source Protocols +- **Missing Standards:** + - No `CONTRIBUTING.md` to guide new developers. + - No `CODE_OF_CONDUCT.md` to establish community standards. + - No `SECURITY.md` for reporting vulnerabilities. + - No Pull Request template to standardize contributions. +- **Documentation:** The `README.md` is marked as `[WIP]` and contains emojis. It provides basic installation and usage but lacks comprehensive API reference or contribution guidelines. + +## 4. Recommendations +1. **Professional Polish:** Remove all emojis from source code, build scripts, and documentation. +2. **Community Health:** Add standard OSS files (`CONTRIBUTING.md`, `CODE_OF_CONDUCT.md`, `SECURITY.md`). +3. **Documentation:** Expand `README.md` to include clearer prerequisites and link to the new contributing guide. +4. **Testing:** (Future) Refactor tests to support mocked API responses for standalone execution. + +## 5. Conclusion +The codebase is healthy but needs "professionalizing" to meet standard open-source protocols. The immediate focus should be on establishing these protocols and cleaning up the aesthetic (removing emojis). diff --git a/IMPLEMENTATION_PLAN.md b/IMPLEMENTATION_PLAN.md new file mode 100644 index 0000000..3a969e7 --- /dev/null +++ b/IMPLEMENTATION_PLAN.md @@ -0,0 +1,18 @@ +# Implementation Plan: Decent SDK Standardization + +This plan outlines the steps to align `decent-sdk` with standard open-source protocols and remove emoji usage. + +## Phase 1: Code & Asset Cleaning (Professionalism) +- [ ] **Modify `build.ts`**: Remove emojis from console logs. +- [ ] **Modify `README.md`**: Remove emojis and update the header. + +## Phase 2: Open Source Standardization +- [ ] **Create `CONTRIBUTING.md`**: Define setup, testing, and submission standards. +- [ ] **Create `CODE_OF_CONDUCT.md`**: Adopt the Contributor Covenant standard. +- [ ] **Create `SECURITY.md`**: Define the vulnerability reporting process. +- [ ] **Create `.github/pull_request_template.md`**: Standardize PR descriptions. + +## Phase 3: Git Operations +- [ ] Create a new branch `refactor/oss-standards`. +- [ ] Commit each file individually. +- [ ] Prepare for Pull Request. diff --git a/README.md b/README.md index 571ea97..02fb067 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Decent SDK [WIP] +# Decent SDK A unified SDK for the Decent API that works in both Node.js and React environments. @@ -71,3 +71,11 @@ bun run build # requirement: configure decent-offchain locally. bun test ``` + +## Community & Contributing + +We welcome contributions! Please see our [Contributing Guide](CONTRIBUTING.md) for details. + +- **License**: [MIT](LICENSE) +- **Code of Conduct**: [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md) +- **Security**: [SECURITY.md](SECURITY.md) diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..56bf701 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,20 @@ +# Security Policy + +## Supported Versions + +Please use the latest version of the `decent-sdk` to ensure you present the most secure version. + +| Version | Supported | +| ------- | ------------------ | +| 0.1.x | :white_check_mark: | +| < 0.1.0 | :x: | + +## Reporting a Vulnerability + +We take the security of our software seriously. If you believe you have found a security vulnerability in the `decent-sdk`, please report it to us as described below. + +**Please do not report security vulnerabilities through public GitHub issues.** + +Instead, please send an email to security@decentdao.org. + +You should receive a response within 48 hours. If for some reason you do not, please follow up via email to ensure we received your original message. diff --git a/build.ts b/build.ts index 0fbc8c7..515cfcc 100644 --- a/build.ts +++ b/build.ts @@ -2,7 +2,7 @@ import { execSync } from 'child_process'; import { join } from 'path'; import { readdir, stat } from 'fs/promises'; -console.log('🔨 Building decent-sdk...'); +console.log('Building decent-sdk...'); const external = ['react', 'react-dom', '@tanstack/react-query']; @@ -50,7 +50,7 @@ execSync('tsc --project tsconfig.cjs.json', { stdio: 'inherit' }); // Verify exports console.log('Verifying exports are correctly built...'); try { - console.log('📊 Build statistics:'); + console.log('Build statistics:'); const countFilesInDir = async (dir: string): Promise => { let count = 0; @@ -77,7 +77,7 @@ try { for (const dir of dirs) { const files = await readdir(dir); if (files.length > 0) { - console.log(`✅ ${dir}: ${files.length} files`); + console.log(`${dir}: ${files.length} files`); } else { throw new Error(`Directory ${dir} is empty or doesn't exist`); } @@ -88,4 +88,4 @@ try { process.exit(1); } -console.log('✅ Build completed successfully.'); +console.log('Build completed successfully.');