Thank you for your interest in contributing to Codetective! This guide will help you get started with contributing to our multi-agent code review tool.
- Getting Started
- Development Setup
- Development Workflow
- Code Standards
- Testing
- Submitting Changes
- Issue Guidelines
- Pull Request Process
- Code of Conduct
- Python 3.10+ (tested up to 3.12)
- Git
- pip (latest version recommended)
- SemGrep: For static analysis (
pip install semgrep) - Trivy: For vulnerability scanning (installation guide)
- Ollama: For AI features (download from ollama.ai)
-
Fork and Clone
# Fork the repository on GitHub first git clone https://github.com/YOUR_USERNAME/codetective.git cd codetective
-
Set Up Development Environment
# Install in development mode with all dependencies make install-dev make install # Install external tools make setup-tools
-
Set Up Ollama (for AI features)
# Install Ollama from https://ollama.ai # Pull the recommended model ollama pull qwen3:4b
-
Verify Setup
# Check version make version # Run basic functionality test codetective info
-
Create a Feature Branch
git checkout -b feature/issue#<issue-number>-your-feature-name # or git checkout -b fix/issue#<issue-number>-your-fix-name
-
Update Dependencies (if needed)
make update-dev-deps
-
Format Code Regularly
make format
-
Run Linting
make lint
-
Run Security Checks
make security-check
-
Self-Test with Codetective
# Scan the codebase with itself codetective scan codetective/ -
FOCUS Context While using AI IDEs (Windsurf, Cursor, etc.), try to follow the FOCUS context engineering framework as much as possible. (https://github.com/Eng-Elias/FOCUS--Context_Engineering)
-
Final Code Quality Check
# Run all checks and fix the issues make lint make security-check make format -
Test Your Changes
# Test basic functionality codetective info codetective scan --help codetective fix --help codetective gui --help
- PEP 8 compliance (enforced by flake8)
- Type hints throughout the codebase
- Line length: Maximum 130 characters
- Formatting: Black with line length 130
- Import sorting: isort with black profile
- Follow the existing package structure
- Use proper
__init__.pyfiles - Implement proper error handling
- Add docstrings to all public functions and classes
- Classes: PascalCase (
CodeDetectiveOrchestrator) - Functions/Methods: snake_case (
scan_files) - Constants: UPPER_SNAKE_CASE (
AGENT_TIMEOUT) - Private methods: Leading underscore (
_parse_results)
from typing import Any, Dict, List, Optional
def process_issues(self, issues: List[Issue], **kwargs: Any) -> List[Issue]:
"""Process issues with proper type hints."""
pass-
Basic Functionality
# Test CLI commands codetective info codetective scan codetective/ --agents semgrep,trivy,ai_review codetective gui -
Agent Testing
# Test individual agents codetective scan . --agents semgrep codetective scan . --agents trivy codetective scan . --agents ai_review
-
Fix Testing
# Test fix functionality codetective scan . -o test_results.json codetective fix test_results.json # OR codetective fix test_results.json --agent comment
Always run Codetective on its own codebase:
codetective scan codetective/ --agents semgrep,trivy,ai_review- Code follows style guidelines (
make format,make lint) - Security checks pass (
make security-check) - Self-scan with Codetective passes
- All new code has type hints
- Documentation updated if needed
- Commit messages follow guidelines
- Branch is up to date with main
- Search existing issues first
- Include system information:
- OS and version
- Python version
- Codetective version
- External tool versions (SemGrep, Trivy, Ollama)
- Provide reproduction steps
- Include error messages and logs
- Search existing issues first
- Describe the problem you're trying to solve
- Propose a solution if you have one
- Consider implementation complexity
For security vulnerabilities, please email the maintainers directly instead of opening a public issue.
- Fork the repository
- Create a feature branch
- Make your changes
- Test thoroughly
- Update documentation if needed
- Clear description of changes
- Link to related issues
- Screenshots for UI changes
- Breaking changes clearly marked
- All checks passing
## Description
Brief description of changes
## Type of Change
- [ ] Bug fix
- [ ] New feature
- [ ] Breaking change
- [ ] Documentation update
## Testing
- [ ] Manual testing completed
- [ ] Self-scan with Codetective passes
- [ ] All linting and security checks pass
## Related Issues
Fixes #issue-number
## Screenshots (if applicable)- Automated checks must pass
- Code review by maintainers
- Testing by reviewers
- Approval required before merge
- Squash and merge preferred
# Show all available make targets
make help
# Quick development cycle
make format lint security-check
# Version information
make version
# Clean build artifacts
make clean # Unix/Linux
make clean-win # Windows- CLI Interface (
cli/): Command-line interface using Click - Core Orchestrator (
core/): LangGraph-based workflow management - Scanning Agents (
agents/scan/): SemGrep, Trivy, AI Review - Output Agents (
agents/output/): Comment, Edit agents - GUI Interface (
gui/): NiceGUI-based web interface - Models (
models/): Pydantic data models - Utilities (
utils/): Helper functions and utilities
All agents inherit from base classes:
ScanAgent: For scanning operationsOutputAgent: For fix/comment operationsAIAgent: For AI-powered agents
- README.md - Basic usage and installation
- DEPLOYMENT.md - Deployment and release process
- FOCUS_CONTEXT/ - Detailed technical documentation, (https://github.com/Eng-Elias/FOCUS--Context_Engineering)
By contributing to Codetective, you agree that your contributions will be licensed under the same license as the project.
Thank you for contributing to Codetective! Your help makes this project better for everyone.