Thank you for your interest in contributing to contentstack-webhook-verify! This document provides guidelines and instructions for setting up the development environment and contributing to the project.
- Development Setup
- Project Structure
- Development Workflow
- Code Standards
- Testing
- Submitting Changes
- Release Process
Before you begin, ensure you have the following installed:
- Node.js (v18.0.0 or higher)
- npm (v8.0.0 or higher)
- Git
-
Fork and Clone the Repository
# Fork the repository on GitHub, then clone your fork git clone https://github.com/hanoak/contentstack-webhook-verify.git cd contentstack-webhook-verify
-
Install Dependencies
npm install
-
Build the Project
npm run build
-
Verify Setup
# Check if TypeScript compilation works npm run build # Run linting npm run lint:fix # Format code npm run prettify
This project uses the following configuration files:
- TypeScript:
tsconfig.json - ESLint:
eslint.config.js - Prettier:
.prettierrc(if exists) or default configuration - Git Hooks:
.lintstagedrc.jsonfor pre-commit hooks - Husky: Pre-commit hooks configuration in
package.json
contentstack-webhook-verify/
├── src/ # Source code
│ ├── index.ts # Main entry point
│ ├── config/ # Default configuration
│ │ └── index.ts
│ ├── constants/ # Constants and regions
│ │ └── index.ts
│ ├── types/ # TypeScript type definitions
│ │ └── index.ts
│ └── utils/ # Utility functions
│ ├── error.ts # Custom error class
│ ├── replay-verify.ts
│ ├── request.ts # HTTP request handling
│ ├── signature-verify.ts
│ └── validate.ts # Input validation
├── dist/ # Compiled JavaScript (generated)
├── .lintstagedrc.json # Lint-staged configuration
├── eslint.config.js # ESLint configuration
├── tsconfig.json # TypeScript configuration
├── package.json # Project configuration
└── README.md # Project documentation
Use descriptive branch names with the following prefixes:
feature/- New featuresfix/- Bug fixesdocs/- Documentation updatesrefactor/- Code refactoringtest/- Testing improvements
Examples:
git checkout -b feature/add-custom-headers-support
git checkout -b fix/signature-validation-edge-case
git checkout -b docs/update-api-reference| Script | Description |
|---|---|
npm run build |
Compile TypeScript to JavaScript |
npm run prepare |
Automatic build before publishing |
npm run lint:fix |
Run ESLint and fix auto-fixable issues |
npm run prettify |
Format code with Prettier |
npm run precommit |
Run pre-commit checks |
-
Create a Feature Branch
git checkout -b feature/your-feature-name
-
Make Your Changes
- Write code following the established patterns
- Add TypeScript types for any new interfaces
- Update documentation if needed
-
Test Your Changes
# Build the project npm run build # Run linting npm run lint:fix # Format code npm run prettify
-
Commit Your Changes
The project uses Husky for pre-commit hooks that will automatically:
- Run Prettier on all files
- Run ESLint on TypeScript files
- Ensure code quality before commits
git add . git commit -m "feat: add support for custom headers"
- Use strict TypeScript configuration
- Define explicit types for all function parameters and return values
- Use interfaces for object shapes
- Prefer
constassertions where appropriate - Use meaningful variable and function names
The project uses:
- Prettier for code formatting
- ESLint for code quality and consistency
- TypeScript strict mode
Key style preferences:
- Use double quotes for strings
- Use semicolons
- 2-space indentation
- Trailing commas in multiline structures
- Use kebab-case for file names:
signature-verify.ts - Use PascalCase for class names:
WebhookError - Use camelCase for function and variable names:
verifySignature - Use SCREAMING_SNAKE_CASE for constants:
CS_REGIONS
- Use JSDoc comments for all public functions
- Include parameter descriptions and return types
- Add usage examples for complex functions
- Keep README.md updated with any changes
Example JSDoc:
/**
* Verifies the authenticity of a webhook request signature.
*
* @param headerSignature - The signature from the webhook header
* @param publicKey - The public key for verification
* @param requestBody - The webhook request body
* @throws {WebhookError} When signature verification fails
*/- Use the custom
WebhookErrorclass for all webhook-related errors - Provide descriptive error messages
- Include context in error messages when helpful
- Handle edge cases gracefully
For now, the project relies on manual testing:
- Build the project to ensure TypeScript compilation works
- Run linting to catch potential issues
- Test with real webhook payloads if possible
We welcome contributions to add:
- Unit tests with Jest or similar
- Integration tests
- Mock webhook payload testing
- Automated CI/CD pipeline
-
Ensure Your Fork is Up to Date
git remote add upstream https://github.com/hanoak/contentstack-webhook-verify.git git fetch upstream git checkout main git merge upstream/main
-
Push Your Changes
git push origin feature/your-feature-name
-
Create a Pull Request
- Go to GitHub and create a pull request
- Use a descriptive title and description
- Reference any related issues
- Include testing instructions if applicable
- Title: Use conventional commit format:
feat:,fix:,docs:, etc. - Description: Explain what changes were made and why
- Testing: Describe how to test the changes
- Breaking Changes: Clearly mark any breaking changes
Example PR description:
## Description
Adds support for custom HTTP headers in webhook verification requests.
## Changes
- Added `customHeaders` option to `ConfigOptions`
- Updated request utility to include custom headers
- Added TypeScript types for new option
- Updated documentation with usage examples
## Testing
- Built project successfully
- Tested with custom headers in development environment
- All existing functionality remains unchanged
## Breaking Changes
None - this is a backward-compatible addition.- All pull requests require review before merging
- Address any feedback from reviewers
- Ensure all checks pass (linting, building)
- I will merge approved PRs
This project follows Semantic Versioning:
- MAJOR version for incompatible API changes
- MINOR version for backwards-compatible functionality
- PATCH version for backwards-compatible bug fixes
- Update version in
package.json - Update
CHANGELOG.md(if exists) - Create a git tag
- Publish to npm registry
VS Code Extensions (recommended):
- TypeScript and JavaScript Language Features
- ESLint
- Prettier - Code formatter
- Auto Import - ES6, TS, JSX, TSX
- Use
console.logfor debugging during development - Remove debug logs before committing
- Use TypeScript's strict mode to catch potential issues early
- Keep the library lightweight with no runtime dependencies
- Optimize for common use cases
- Consider memory usage in long-running applications
- GitHub Issues: For bug reports and feature requests
- GitHub Discussions: For questions and general discussion
- Pull Request Comments: For code-specific discussions
Build Failures:
- Ensure Node.js version is compatible
- Clear
node_modulesand reinstall:rm -rf node_modules package-lock.json && npm install - Check TypeScript compilation errors
Linting Errors:
- Run
npm run lint:fixto auto-fix issues - Check ESLint configuration if new rules are needed
Pre-commit Hook Failures:
- Fix linting and formatting issues
- Ensure all files are properly staged
- Check Husky configuration if hooks aren't running
- Be respectful and inclusive
- Focus on constructive feedback
- Help others learn and grow
- Maintain a professional environment
If you encounter any behavior that violates our standards, please report it by:
- Opening a GitHub issue
- Contacting the project maintainers directly
Contributors will be recognized in:
- GitHub contributor list
- Release notes for significant contributions
- Special mentions for outstanding contributions
Thank you for contributing to contentstack-webhook-verify! Your contributions help make webhook security more accessible to the developer community.