kunthawat/consentos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity
Files
f8cdbf8d74367bf2fea3bc67197c5b428ac5154e
consentos/CONTRIBUTING.md
James Cottrill fbf26453f2 feat: initial public release 
ConsentOS — a privacy-first cookie consent management platform.

Self-hosted, source-available alternative to OneTrust, Cookiebot, and
CookieYes. Full standards coverage (IAB TCF v2.2, GPP v1, Google
Consent Mode v2, GPC, Shopify Customer Privacy API), multi-tenant
architecture with role-based access, configuration cascade
(system → org → group → site → region), dark-pattern detection in
the scanner, and a tamper-evident consent record audit trail.

This is the initial public release. Prior development history is
retained internally.

See README.md for the feature list, architecture overview, and
quick-start instructions. Licensed under the Elastic Licence 2.0 —
self-host freely; do not resell as a managed service.
2026-04-14 09:18:18 +00:00

2.7 KiB
Raw Blame History

Contributing to ConsentOS

Thanks for your interest in contributing! This document explains how to get started.

Code of Conduct

This project follows the Contributor Covenant Code of Conduct. By participating, you are expected to uphold this code.

Getting Started

Prerequisites

  • Docker and Docker Compose v2.15+
  • Node.js 20+
  • Python 3.12+
  • uv (Python package manager)

Local Setup

# Clone the repository
git clone https://github.com/consentos/consentos.git
cd consentos

# Copy the example environment file
cp .env.example .env

# Start all services
make up

# Run database migrations
make migrate

# Seed the known cookies database
make seed

# Verify everything is running
# API:      http://localhost:8000/docs
# Admin UI: http://localhost:5173
# CDN:      http://localhost:8080

Running Tests

# Start test infrastructure (PostgreSQL + Redis)
make test-infra-up

# Run API tests
make test

# Run with coverage
make test-cov

# Run banner tests
cd apps/banner && npm test

# Run admin UI tests
cd apps/admin-ui && npm test

# Stop test infrastructure
make test-infra-down

Making Changes

Branch Naming

Create a branch from master using the convention:

<type>/<short-description>

Examples: feat/add-geo-rules, fix/consent-cookie-expiry, docs/api-examples

Commit Messages

We use Conventional Commits:

feat: add regional consent mode overrides
fix: correct TC string encoding for vendor consents
docs: document compliance rule engine
chore: update Python dependencies
refactor: simplify cookie classification pipeline
test: add integration tests for scanner API

Code Standards

  • Python: Type hints everywhere. Linted with Ruff, type-checked with MyPy (strict mode)
  • TypeScript: Strict mode enabled. Linted with ESLint
  • SQL: CTEs over subqueries, explicit column lists (no SELECT *)
  • Language: British English in all prose, comments, and UI strings

Before Submitting

  1. Run make check (lint + tests) and ensure it passes
  2. Add or update tests for any changed behaviour
  3. Ensure no secrets or credentials are committed

Pull Requests

  • Keep PRs focused — one logical change per PR
  • Write a clear title (under 70 characters) and description
  • Link to any related issues
  • All CI checks must pass before merge
  • PRs require at least one approving review

Reporting Issues

Licence

By contributing, you agree that your contributions will be licensed under the Elastic License 2.0.

Reference in New Issue View Git Blame Copy Permalink