Thank you for your interest in contributing! This document provides guidelines and instructions for contributing to the express-swagger-auto project.
This project adheres to the Contributor Covenant Code of Conduct. By participating, you are expected to uphold this code. Please report unacceptable behavior to the maintainers.
- Getting Started
- Development Workflow
- Commit Guidelines
- Testing
- Documentation
- Submitting Changes
- Code Style
- Release Process
- Node.js 16+ (tested with 16, 18, 20, 22)
- pnpm 8+ (monorepo package manager)
- Git 2.x+
- TypeScript knowledge (project is TypeScript-first)
-
Fork the repository
# Visit https://github.com/iAn-P1nt0/express-swagger-auto/fork -
Clone your fork
git clone https://github.com/YOUR_USERNAME/express-swagger-auto.git cd express-swagger-auto -
Add upstream remote
git remote add upstream https://github.com/iAn-P1nt0/express-swagger-auto.git
-
Install dependencies
pnpm install
-
Verify setup
pnpm build pnpm test pnpm lintAll commands should complete without errors.
Use conventional branch naming:
# Features
git checkout -b feature/security-detector-enhancements
# Bug fixes
git checkout -b fix/route-discovery-cycle-detection
# Documentation
git checkout -b docs/add-migration-guide
# Performance improvements
git checkout -b perf/lazy-schema-loading
# Refactoring
git checkout -b refactor/validator-registry-
Start development mode (watches TypeScript changes)
pnpm dev
-
Run tests in watch mode
pnpm test:watch
-
Generate coverage report
pnpm test:coverage
-
Type check only (without building)
pnpm typecheck
-
Lint code
pnpm lint pnpm lint:fix # Auto-fix issues
All contributions must include tests. Here's what's expected:
- Test individual functions and classes
- Place in same directory as source:
src/module/Feature.test.ts - Use Vitest (already configured)
- Aim for >85% coverage for new code
- Test how modules work together
- Verify real-world scenarios
- Add to
src/integration.test.ts - Test with actual Express apps when applicable
- Test example apps work end-to-end
- Run:
cd examples/decorator-example && pnpm test
import { describe, it, expect, beforeEach, afterEach } from 'vitest';
import { Feature } from './Feature';
describe('Feature', () => {
let instance: Feature;
beforeEach(() => {
instance = new Feature();
});
afterEach(() => {
// Cleanup
});
it('should do something', () => {
const result = instance.someMethod();
expect(result).toBe(expectedValue);
});
it('should handle errors', () => {
expect(() => instance.invalidMethod()).toThrow();
});
});We follow Conventional Commits for clear commit history.
<type>(<scope>): <subject>
<body>
<footer>
feat: New featurefix: Bug fixdocs: Documentation changesstyle: Code style changes (not affecting logic)refactor: Code refactoringperf: Performance improvementstest: Adding or updating testschore: Build process, dependenciesci: CI/CD configuration changes
Scopes help categorize changes:
cli: CLI interface changescore: Core engine (RouteDiscovery, SpecGenerator)security: Security detection modulewatch: File watching modulevalidators: Validator adaptersparsers: JSDoc and decorator parsersmiddleware: Express middlewaredocs: Documentation filesci: GitHub workflowsbuild: Build configuration
git commit -m "feat(cli): add watch mode for development"
git commit -m "fix(security): improve JWT detection regex"
git commit -m "docs(cli): update command examples"
git commit -m "test(validators): add edge case tests for Yup adapter"
git commit -m "perf(core): implement schema caching"- Use imperative mood: "add feature" not "added feature"
- Be specific: "fix route discovery for nested routers" not "fix bug"
- Reference issues: Include
Fixes #123in body - Keep subject under 50 characters
- Explain why, not what: The code shows what, commit shows why
# Run all tests once
pnpm test
# Watch mode (re-runs on changes)
pnpm test:watch
# Generate coverage report
pnpm test:coverage
# Run specific test file
pnpm test src/security/SecurityDetector.test.ts- New code: ≥85% coverage required
- Core modules (
src/core/*): ≥85% coverage - Overall: Track and aim for 85%+
- Run
pnpm test:coverageto check
Mutation testing helps validate the quality of tests by checking if they can detect small code changes:
# Run mutation testing (time-intensive)
pnpm test:mutation
# Run on core modules only (faster)
pnpm test:mutation:core
# Generate mutation report summary
pnpm mutation-reportTarget mutation scores:
- Core modules: ≥85%
- Parsers/Validators: ≥80%
- CLI: ≥75%
See docs/MUTATION_TESTING.md for detailed guidance.
# Test decorator example
cd examples/decorator-example
pnpm install
pnpm build
pnpm test
# Test jsdoc example
cd examples/jsdoc-example
pnpm install
pnpm test
# Test runtime example
cd examples/runtime-example
pnpm install
node index.js # Should start server- User Docs:
docs/folderdocs/CLI.md- Command referencedocs/SECURITY.md- Security guidedocs/PERFORMANCE.md- Performance tuningdocs/API.md- API reference (if adding public APIs)
- Code Comments: Use JSDoc for public APIs
- Examples:
examples/folder with working apps - Release Notes:
CHANGELOG.md
-
Public APIs must have JSDoc
/** * Discovers routes in an Express application * @param app Express Application or Router * @returns Array of discovered routes */ public discover(app: ExpressApp): RouteMetadata[] { // ... }
-
Update docs when changing behavior
- If CLI flags change, update
docs/CLI.md - If API changes, update
docs/API.md - If security scheme detection changes, update
docs/SECURITY.md
- If CLI flags change, update
-
Add examples for complex features
- Include code snippets in documentation
- Preferably link to working example apps
-
Sync with upstream
git fetch upstream git rebase upstream/main
-
Build and test
pnpm install pnpm build pnpm test pnpm lint:fix -
Check for conflicts
git status # Should be clean
-
Push your branch
git push origin feature/your-feature
-
Create PR on GitHub
- Use the PR template (auto-provided)
- Link related issues: "Fixes #123"
- Describe what and why
- List testing steps
-
PR Title Format
feat(scope): brief description fix(scope): brief description docs(scope): brief description
Before submitting, ensure:
- Tests added/updated
- All tests pass (
pnpm test) - Code linted (
pnpm lint) - Build succeeds (
pnpm build) - TypeScript compiles (
pnpm typecheck) - Documentation updated (if applicable)
- Commit messages follow convention
- No unrelated changes included
- No console.logs or debug code
- No breaking changes (or documented)
-
Automated Checks
- CI/CD workflows must pass
- Coverage must not decrease significantly
- All tests must pass
-
Code Review
- At least one maintainer review required
- Feedback will be provided on design/implementation
- Discussion on tradeoffs is encouraged
-
Changes Requested
- Address feedback in follow-up commits
- Push to same branch (PR auto-updates)
- Re-request review when ready
- Formatter: Prettier (configured in
package.json) - Linter: ESLint with TypeScript support
- Auto-fix: Run
pnpm lint:fixto fix style issues
// ✅ Use const, not let or var
const discovery = new RouteDiscovery();
// ✅ Explicit type annotations for public APIs
public generate(routes: RouteMetadata[]): OpenAPISpec {
// ✅ Use interfaces for public types
export interface OpenAPIInfo {
title: string;
version: string;
}
// ✅ Prefer early returns
if (!routes) return [];
if (routes.length === 0) return [];
// ✅ Use meaningful variable names
const routeMetadata = discovery.discover(app);
// ❌ Avoid single-letter variables (except loop counters)
const x = 5; // Bad
const routeCount = 5; // Good
// ✅ Use async/await, not .then()
const spec = await generator.generate(routes);
// ✅ Group related functionality together
describe('RouteDiscovery', () => {
describe('initialization', () => { ... });
describe('discovery', () => { ... });
});src/
├── core/ # Core engine
│ ├── RouteDiscovery.ts
│ ├── SpecGenerator.ts
│ └── *.test.ts
├── security/ # Security module
│ ├── SecurityDetector.ts
│ ├── SecurityDetector.test.ts
│ └── index.ts
├── watch/ # File watching
├── validators/ # Validator adapters
├── parsers/ # JSDoc/Decorator parsers
├── middleware/ # Express middleware
├── decorators/ # Decorator system
├── types.ts # Shared types
├── index.ts # Public exports
└── cli.ts # CLI entry point
We follow Semantic Versioning:
- MAJOR (1.0.0): Breaking changes
- MINOR (0.1.0): New features (backward compatible)
- PATCH (0.0.1): Bug fixes
-
Update Version
npm version minor # or patch/major -
Update CHANGELOG.md
- Document all changes since last release
- Group by: Added, Changed, Fixed, Removed, Security
- Link to PRs where applicable
-
Run Full Test Suite
pnpm clean pnpm install pnpm build pnpm test -
Create GitHub Tag
git tag v0.2.0 git push origin v0.2.0
-
Publish to npm
npm publish
-
Create GitHub Release
- Use automated GitHub Releases feature
- Copy CHANGELOG excerpt to release notes
Usually 1-3 days for maintainer review. Critical fixes may be faster.
Prefer one feature/fix per branch and PR. Easier to review and revert if needed.
File an issue with:
- Detailed description
- Steps to reproduce
- Expected vs actual behavior
- Environment (Node version, Express version, OS)
Open an issue with:
- Use case and motivation
- Proposed API (if applicable)
- Any implementation ideas
- Maintainer will reach out after 2 weeks
- You can update branch:
git rebase upstream/main - Re-request review when ready
- Project Goals: See ROADMAP.md
- Architecture: See CLAUDE.md (internal guardrails)
- Setup Guide: See README.md
- API Reference: See
docs/API.md - Security Guide: See
docs/SECURITY.md
- Documentation: Check
docs/folder - Issues: Browse GitHub Issues
- Discussions: Use GitHub Discussions
Thank you for contributing! Your efforts help make express-swagger-auto better for everyone. 🎉