Submitting patches
-
Always make a new branch for your work.
-
Patches should be small to facilitate easier review. Studies have shown that review quality falls off as patch size grows. Sometimes this will result in many small PRs to land a single large feature.
-
Larger changes should be discussed on our mailing list before submission.
-
New features and significant bug fixes should be documented in the Changelog .
-
You must have legal permission to distribute any code you contribute to
cryptography, and it must be available under both the BSD and Apache Software License Version 2.0 licenses.
If you believe you’ve identified a security issue in
cryptography
, please
follow the directions on the
security page
.
Code
When in doubt, refer to
PEP 8
for Python code. You can check if your code
meets our automated requirements by formatting it with
ruff format
and
running
ruff
against it. If you’ve installed the development requirements
this will automatically use our configuration. You can also run the
nox
job with
nox -e flake
.
Write comments as complete sentences.
Class names which contains acronyms or initialisms should always be
capitalized. A class should be named
HTTPClient
, not
HttpClient
.
Every code file must start with the boilerplate licensing notice:
# This file is dual licensed under the terms of the Apache License, Version
# 2.0, and the BSD License. See the LICENSE file in the root of this repository
# for complete details.