mirror
/
openzeppelin-contracts
mirror of https://github.com/OpenZeppelin/openzeppelin-contracts
2
1
Fork 1
Code Issues Releases Wiki Activity

Update CONTRIBUTING.md

Browse Source
pull/18/head
Manuel Aráoz 9 years ago committed by GitHub
parent 16694104dd
commit a41a238505
1 changed files with 10 additions and 6 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 16
      CONTRIBUTING.md

16
CONTRIBUTING.md
Unescape View File

@ -6,10 +6,10 @@ Contributing to Zeppelin
These are some global design goals in Zeppelin.
### D0 - Security in Depth
We strive to provide secure, tested, audited code. To achieve this, we need to match intention with function. Thus, documentation, code clarity and community review and security discussions are fundamental.
We strive to provide secure, tested, audited code. To achieve this, we need to match intention with function. Thus, documentation, code clarity, community review and security discussions are fundamental.
### D1 - Simple and Modular
Simpler code means easier audits, and better understanding of what each component does. We look for small files, small contracts, and small functions. If you can separate a contract into two independent functionalities you probably should do it.
Simpler code means easier audits, and better understanding of what each component does. We look for small files, small contracts, and small functions. If you can separate a contract into two independent functionalities you should probably do it.
### D2 - Naming Matters
@ -17,14 +17,18 @@ We take our time with picking names. Code is going to be written once, and read
### D3 - Tests
Write a test for all your code. We encourage Test Driven Development so we know when our code is right.
Write tests for all your code. We encourage Test Driven Development so we know when our code is right. Even though not all code in the repository is tested at the moment, we aim to test every line of code in the future.
### D4 - Check preconditions and post-conditions
TODO
### D5 - Consistency Everywhere
A very important way to prevent vulnerabilities is to catch a contract’s inconsistent state as early as possible. This is why we want functions to check pre- and post-conditions for executing its logic. When writing code, ask yourself what you are expecting to be true before and after the function runs, and express it in code.
### D5 - Code Consistency
Consistency on the way classes are used is paramount to an easier understanding of the library. The codebase should be as unified as possible. Read existing code and get inspired before you write your own. Follow the style guidelines. Don’t hesitate to ask for help on how to best write a specific piece of code.
Consistency on the way classes are used is paramount to allow an easier understanding of the library.
### D6 - Regular Audits
Following good programming practices is a way to reduce the risk of vulnerabilities, but professional code audits are still needed. We will perform regular code audits on major releases, and hire security professionals to provide independent review.
## Style Guidelines

Write Preview
Loading…
Cancel
Save