diff --git a/AGENTS.md b/AGENTS.md new file mode 100644 index 00000000..7f95e877 --- /dev/null +++ b/AGENTS.md @@ -0,0 +1,41 @@ + + +# Repository Guidelines +## Project Structure & Module Organization +- Source: `nettacker/` (CLI: `nettacker/main.py`, API: `nettacker/api/`, core libs: `nettacker/core/`, modules: `nettacker/modules/`). +- Entry points: `nettacker.py` (Python) and `poetry` script `nettacker`. +- Tests: `tests/` (mirrors package layout: `tests/core/`, `tests/lib/`, etc.). +- Docs & assets: `docs/`, `nettacker/web/static/`. +- Runtime data (not for commit): `.nettacker/data/` (DB at `.nettacker/data/nettacker.db`, results in `.nettacker/data/results/`). + +## Build, Test, and Development Commands +- Install: `poetry install` (uses `pyproject.toml`). +- Lint/format (all hooks): `make pre-commit` or `pre-commit run --all-files`. +- Tests: `make test` or `poetry run pytest` (coverage configured via `pyproject.toml`). +- Run CLI: `poetry run nettacker --help` or `python nettacker.py --help`. +- Docker (web UI): `docker-compose up`. + +## Coding Style & Naming Conventions +- Python 3.9–3.12 supported. Use 4-space indents. +- Line length: 99 chars (`ruff`, `ruff-format`, `isort` profile=black). +- Names: modules/files `lower_snake_case`; functions/vars `lower_snake_case`; classes `PascalCase`; constants `UPPER_SNAKE_CASE`. +- Keep functions small, typed where practical, and add docstrings for public APIs. + +## Testing Guidelines +- Framework: `pytest` (+ `pytest-asyncio`, `xdist`). +- Location/pattern: place tests under `tests/`; name files `test_*.py`; parametrize where useful. +- Coverage: enforced via `--cov=nettacker` (see `tool.pytest.ini_options`). Add tests with new features and for bug fixes. +- Run subsets: `poetry run pytest -k `. + +## Commit & Pull Request Guidelines +- Commit messages: imperative tense, concise subject; reference issues (`Fixes #123`). +- Before pushing: `pre-commit run --all-files` and `make test` must pass. +- PRs: include a clear description, rationale, linked issue(s), test evidence (logs or screenshots for web UI), and update docs if behavior changes. + +## Security & Configuration Tips +- Legal/ethics: only scan assets you are authorized to test. +- Secrets: never commit API keys, DBs, or results; `.nettacker/data/` is runtime-only. +- Config: defaults in `nettacker/config.py` (API key, DB path, paths). Review sensitive headers list before logging.