Thank you for your interest in contributing to syft-client! This document provides guidelines and setup instructions for contributors.
- Python 3.10 or higher
- Git
- uv (recommended) or pip
-
Clone the repository
git clone https://github.com/OpenMined/syft-client.git cd syft-client -
Create a virtual environment
python -m venv venv source venv/bin/activate # On Windows: venv\Scripts\activate
-
Install dependencies
# Using uv (recommended) pip install uv uv pip install -e ".[test,dev]" # Or using pip pip install -e ".[test,dev]"
-
Install pre-commit hooks
pip install pre-commit pre-commit install
This will automatically run code quality checks before each commit.
This project enforces code quality through automated checks. All code must pass these checks before being merged.
Pre-commit hooks run automatically before each commit. They include:
- black: Code formatting (auto-fixes)
- isort: Import sorting (auto-fixes)
- flake8: Linting with complexity checks (max complexity: 10)
- bandit: Security vulnerability scanning
- mypy: Type checking
- Standard checks: trailing whitespace, file endings, merge conflicts, etc.
Run manually:
pre-commit run --all-files# Check formatting
black --check syft_client
# Auto-format code
black syft_client
# Check import order
isort --check-only syft_client
# Fix import order
isort syft_client
# Run flake8
flake8 syft_clientmypy syft_client --no-strict-optional --ignore-missing-importsbandit -r syft_client -c pyproject.tomlgit checkout -b feature/your-feature-name
# or
git checkout -b fix/bug-description- Write clean, readable code
- Follow existing code style and patterns
- Keep functions focused and simple (complexity ≤ 10)
- Add type hints to new functions
- Update docstrings for modified functions
Before committing:
# Run all pre-commit hooks
pre-commit run --all-files
# Verify no issues
black syft_client
isort syft_client
flake8 syft_client
bandit -r syft_client -c pyproject.tomlgit add .
git commit -m "Description of changes"Pre-commit hooks will run automatically. If they fail:
- Some issues are auto-fixed (black, isort) - just commit again
- Other issues need manual fixes - fix them and commit again
Skip hooks locally (if needed for speed):
git commit --no-verify -m "Description of changes"git push origin feature/your-feature-nameThen create a Pull Request on GitHub.
All PRs must pass automated checks:
- Lint and Format Check: black, isort, flake8 (strict - must pass)
- Security Scan: bandit (strict - must pass)
- Type Check: mypy (advisory - won't block merges)
- Pre-commit Hooks: All hooks must pass (strict - catches
--no-verifyskips)
These run automatically on every PR via GitHub Actions.
Local vs CI behavior:
- Locally: You can skip hooks with
--no-verifyfor speed - In CI: All checks run strictly and will fail the PR if there are issues
- mypy only: Advisory locally (manual stage), but runs in CI for visibility
- Line length: 88 characters (black default)
- Import order: stdlib → third-party → local (isort with black profile)
- Docstrings: Google style
- Type hints: Use type hints for all public functions
- Complexity: Keep cyclomatic complexity ≤ 10
- Never commit credentials or API keys
- Avoid hardcoded secrets - use environment variables
- Be cautious with user input - validate and sanitize
- Review AI-generated code carefully for security issues
- The
banditsecurity scanner will catch common issues
- Functions/variables:
snake_case - Classes:
PascalCase - Constants:
UPPER_SNAKE_CASE - Private methods:
_leading_underscore
pytest tests/unit/ -vIntegration tests require Google OAuth credentials to test Google Drive synchronization.
mkdir -p credentials- Go to Google Cloud Console
- Create a project (or select existing one)
- Enable the Google Drive API:
- Go to "APIs & Services" -> "Library"
- Search for "Google Drive API" and click "Enable"
- Configure OAuth Consent Screen:
- Go to "APIs & Services" -> "OAuth consent screen"
- Choose "External" (or "Internal" for Google Workspace)
- Add scopes:
https://www.googleapis.com/auth/drive - Add your test user emails
- Add audience:
- "APIs & Services" -> "OAuth Consent Screen" -> "Audience"
- Add your email as a "Test users" by clicking "Add users"
- Create OAuth Credentials:
- Go to "APIs & Services" -> "Credentials"
- Click "Create Credentials" -> "OAuth client ID"
- Application type: Desktop app
- Download the JSON files
python scripts/create_token.py --cred-path path/to/credentials.json --token-path credentials/token_do.json
python scripts/create_token.py --cred-path path/to/credentials.json --token-path credentials/token_ds.jsonA browser window will open for each user to authenticate.
export [email protected]
export [email protected][email protected] [email protected] pytest tests/integration/test_sync_manager.py -v -sOr if you've already exported the variables:
pytest tests/integration/test_sync_manager.py -v -s- Never commit credential files or tokens to git (they're in
.gitignore) - Tokens can be revoked at https://myaccount.google.com/permissions
- Issues: Check existing GitHub issues
- Discussions: Use GitHub Discussions
- Questions: Open a new issue with the
questionlabel
The main branch is protected with the following rules:
- ✅ Require PR reviews (minimum 1 approval)
- ✅ Require status checks to pass:
- Lint and Format Check
- Security Scan
- Type Check (advisory)
- Pre-commit Hooks
- ✅ Require branches to be up to date before merging
- ✅ No force pushes
- ✅ No deletions
When using AI coding assistants (Claude Code, GitHub Copilot, etc.):
- Always run pre-commit hooks - they catch formatting and security issues
- Review generated code - AI can introduce vulnerabilities
- Check complexity - AI sometimes generates over-complicated code
- Verify type hints - ensure they're accurate
- Test security - run
banditon AI-generated code
The automated guardrails are specifically designed to catch common AI coding issues.
By contributing, you agree that your contributions will be licensed under the Apache-2.0 License.