Thank you for helping make CUGAR Agent a reliable, modular agent stack. Please follow these steps so changes stay aligned with the guardrails defined in AGENTS.md.
- Create a branch off
main:git checkout -b feature/<short-name>. - Install dev deps:
uv sync --all-extras --dev. - Run checks locally:
make lint(ruff + black + isort)make typecheck(mypy)make test(pytest with coverage)python scripts/verify_guardrails.py
- Update docs: touch
CHANGELOG.mdunder## vNextand any relevant guides (README/USAGE/TESTING/SECURITY). - Open a PR using
.github/PULL_REQUEST_TEMPLATE/feature.md(or the best-fitting template). Include:- What changed and why
- Testing performed (commands + results)
- Guardrail and audit implications
- Code review: at least one maintainer approval; resolve comments before merge.
- Python >=3.10 with full type hints on public functions/classes.
- Prefer descriptive names over abbreviations; avoid
evalor dynamic imports. - Keep functions small and composable; extract helpers where needed.
- No secrets in logs or configs; use env vars and
.env.examplepatterns.
- Place tests in
tests/mirroring package layout. - Use
pytest-covto keep coverage signals; mark slow/integration tests with markers. - When adding tools/agents, include success/failure and guardrail-path tests.
- Keep README, USAGE, TESTING, SECURITY, and AGENTS in sync with behavior.
- Add architecture notes for new modules and update diagrams when necessary.
- Prefer structured logs with
event,operation, andoutcomefields for registry validation and similar guardrail code. - Never echo payloads, tokens, URLs, or secrets in logs or exceptions; limit diagnostics to schema paths, validators, and missing fields.
- When adding validation features, support an opt-in strict mode that can raise sanitized errors while keeping defaults backward compatible.
Use .github/ISSUE_TEMPLATE forms. Include repro steps, logs, and environment info. Security concerns should go to the process in SECURITY.md rather than public issues.