Thank you for your interest in contributing. This project enforces strict standards regarding code architecture, security, and contribution hygiene to keep the codebase maintainable and safe.
Please read this document carefully before writing any code. Contributions that do not adhere to these guidelines will be closed without review.
Do not write a large feature or refactor blindly. You must contact the maintainer to discuss your idea before opening any code changes. ### Issue Reference Required
- No unsolicited Pull Requests: Every PR must reference an already existing, open issue that you have been assigned to.
- PRs opened without a linked issue or prior discussion will be closed immediately. This avoids wasted effort on features or fixes that do not align with the project roadmap.
Our linting and formatting rules are strict. Your code must fully pass our .editorconfig and ESLint validations before it will be considered for merging.
- Tabs vs. Spaces: Use Tabs for indentation. Spaces are strictly reserved for multi-line visual alignment. Tabs ensure proper accessibility, allowing developers to customize their indentation width in their own editors.
- Semicolons: Semicolons are required. Do not omit them.
- Quotes: Use
'single quotes'for strings unless template literals are functionally required. - Module System: This is an ES Modules (ESM) codebase. Use standard
importandexportsyntax. CommonJSrequire()ormodule.exportsare strictly forbidden.
This project operates under highly restrictive runtime environments. Code must conform perfectly to strict Content Security Policies (CSP) and Trusted Types.
To maintain compliance, the following are completely banned:
- No Dynamic Execution: Absolute ban on
eval(),new Function(), or passing strings tosetTimeout/setInterval. - No Unsafe DOM Manipulation: Never use
.innerHTML,.outerHTML, ordocument.write(). All DOM manipulations must use safe, explicit APIs likecreateElement,textContent, or secure Trusted Types policies. - No Inline Styles: Do not inject inline
<style>tags or dynamicstyleattribute strings that violate CSP style-src directives.
We maintain a nuanced but strict policy regarding the use of Large Language Models (LLMs) and AI tools (such as ChatGPT, Claude, or GitHub Copilot) in this repository.
- AI-Generated Issues: Do not use AI to write or submit bug reports or feature requests. This prevents the spam of hallucinated issues that waste maintainer triage time.
- AI-Generated Logic/PRs: Pull Requests containing core logic, code architectures, or complex PR descriptions generated by AI will be rejected.
- Using AI assistance for purely structural or auxiliary tasks is acceptable. This includes generating JSDoc documentation, markdown syntax formatting, or scaffolding basic boilerplate wrappers around human-authored logic.
- Spam Mitigation: Automated prompting leads to high-volume, low-quality issue queues and code submissions that burn out open-source maintainers.
- Legal & Licensing Integrity: The legal status of LLMs trained on data with differing or proprietary source licenses remains highly ambiguous. We require absolute certainty regarding the provenance and licensing of code entering this repository.
- Developer Growth: Open-source projects should serve as a playground for junior developers to grow their programming literacy and problem-solving skills. Over-reliance on prompting creates a barrier to understanding the source code intimately. We want your human engineering, not your prompt engineering.