-
-
Notifications
You must be signed in to change notification settings - Fork 23
/
CONTRIBUTING.txt
159 lines (106 loc) · 12.7 KB
/
CONTRIBUTING.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
===============================================================================================================================================
===============================================================================================================================================
===============================================================================================================================================
=========================
ETHOS OF THIS PROJECT:
=========================
- The primary goal of the Open Crypto Tracker project is to provide a 100% FREE / PRIVATE / Open Source cryptocurrency tracker to the crypto community, that 'just works', is easy to use, AND maintains a high level of user privacy / security.
- The "server edition" of this app can run 24/7 (with very little electricity usage costs, depending on what machine runs it) on a Debian / Ubuntu / DietPi OS / RaspberryPi OS / Armbian / Windows / Mac installation on a user's internal / home network, OR regular full website server, saving price chart data and sending out price alerts (or doing any other background task) any time of the day or night...even on a raspberry pi zero (~$30 full kit / ~1 watt power usage). The "desktop edition" of this app runs as a local / native app on a PC (just download / run it), allowing for easy installation by less technically-advanced users.
- The design of this app is minimalist ON PURPOSE to achieve all the above-mentioned important properties, all while still ABLE TO RUN ON LOW POWER hardware (raspberry pi / pine64 / etc). This helps to make the app a feasible choice for end-users of ANY portfolio size large or small, in ANY country in the world.
- This app is primarily PHP-based, allowing it to easily run on ANY PHP-enabled website server (on the web, OR your local / internal private home or office network). Because this app can be installed on a regular app server on the internet, we *MUST* MINIMIZE *potential* exposure of user information (in case the app server's operating system is ever hacked, OR their is a vulnerability bug in the app's code), so that security / privacy within this app is MAXIMIZED, thereby MINIMIZING detrimental impacts of unauthorized (hacked) access to user data. In this specific case of attempting to maximize security / privacy of user data, the "less is more" approach works best (features / security is always a balance that must be considered in any app, but ESPECIALLY in a cryptocurrency app). ADDITIONALLY, these considerations become EVEN MORE IMPORTANT if an end-user's portfolio grows in value over the years (to HELP AS MUCH AS POSSIBLE in protecting them from digital / physical attacks, like "catfishing" / "pig butchering" / "$5 wrench attacks" / etc).
- There is no rush here to add features EVER, as this is a "passion project" (NOT for profit). Generally-speaking, there is NO "paying for a feature", OTHER THAN *GRANTS* FOR INTEGRATION OF *VERY POPULAR* SERVICES / PUBLIC GOODS. If entities want to donate to the project, it must either be a "GENERALIZED donation" *NOT* tied to any specific verbal OR contract / agreement between the donors and developers, OR *GRANTS* FOR INTEGRATION OF *VERY POPULAR* SERVICES / PUBLIC GOODS. WE DON'T WANT TO ADD **ANYTHING** TO THIS APP THAT DOESN'T SERVE AS USEFUL TO **EVERYONE**, AND *ONLY SERVES AS USEFUL FOR* A SMALL GROUP OF WEALTHY PEOPLE / DEVELOPERS MAKING A QUICK DOLLAR! THIS IS HOW YOU DESTROY GOOD PROJECTS! :o
- One of the primary pillars as mentioned above is "ALWAYS 100% FREE and open source". This is how the backbone of the ENTIRE underlying internet was built out in the 1990's. This project is HEAVILY COMMITTED to this ideal. Accepting donations must NEVER prioritize development for the few over the many, PERIOD. The goal here is to create / maintain software that ANYBODY can find useful, redistribute, fork, and modify to their liking (WITH ATTRIBUTION / under the GPLv3 license...NEVER REMOVE ANY ATTRIBUTION WHEN REDISTRIBUTING).
===============================================================================================================================================
===============================================================================================================================================
===============================================================================================================================================
============================================
CONTRIBUTION GUIDELINES (FOR DEVELOPERS):
============================================
- NEVER REMOVE ANY ATTRIBUTION WHEN CONTRIBUTING OR REDISTRIBUTING. NEVER CHANGE THE LICENSING ON THIS APP, OR ANY 3RD-PARTY LIBRARIES YOU USE OR THAT ARE ALREADY INCLUDED IN THIS APP.
- Please review the above "ETHOS OF THIS PROJECT" section, to see if your planned iterations are in line with this project's main pillars / objectives. Maybe even contact the project lead, to run your ideas by them and get feedback before you start coding. Remember you also can fork this project, if you have a different set of objectives in mind.
- NO PACKAGE MANAGERS (Composer etc)!!! This app is built with STRICT SECURITY AS A CORE ETHOS VALUE, AND *ALL* PACKAGE MANAGERS ARE VULNERABLE TO SUPPLY CHAIN ATTACKS! Using package managers opens an app up to supply chain attack vectors, not to mention could potentially bloat the codebase beyond practicality of security code reviews (of however many 'recently-auto-updated' dependencies there are). If a library can install WITHOUT a package manager (even if it requires a few dependencies), THAT IS OK / GO FOR IT. Otherwise, don't use that library.
- Please consider using "snake case" when creating variables / classes / etc, to match the coding style of the app. This helps a lot during code reviews to find bugs and security issues in more complex code, by making the code easier to read through. Camel-case is VERY EASY to forget to ALWAYS use uppercase properly in heavy amounts of code, and finding BUGGY code can be a real PITA!
- Please consider using spaces instead of tab spacing when nesting / indenting. This makes it easier when refactoring code, if we need more nested indentation to read code cleaner for code reviews.
- Please optimize your logic after fleshing it out, and make sure everything works as intended, AND assure it reads clean during code reviews. Other contributors should NOT need to 'fix' much in your code contributions, as this defeats the purpose of having multiple contributors. THERE IS NO RUSH HERE, THIS IS FREE SOFTWARE. You can take all the time you need, and get it right.
- Please make sure you use decent SEMANTICS for your variable / class names, etc. This goes a VERY long way twords making code readable during code reviews.
- Please add enough comments to your code to clarify what's going on, ESPECIALLY for moderate to heavy logic. Just like good semantic naming, this ALSO goes a VERY long way twords making code readable during code reviews.
- Be liberal with spacing and new lines in your logic. This ALSO goes a VERY long way twords making code readable during code reviews.
- CONSIDER when you should be breaking up LARGE class functions into child functions in some areas, EVEN IF IT'S NOT RE-USED ANYWHERE ELSE, IF the code in that area is HEAVILY REPETITIVE (A MILE LONG). This ALSO goes a VERY long way twords making code readable during code reviews.
- ALL code you include in your contribution MUST BE COMPATIBLE WITH THE GPLv3 LICENSE that this app is released under. If you include any code licensed by somebody other than yourself, you MUST leave attribution for them in your contribution. Also ALWAYS include the open source license the code was ORIGINALLY released under (EVEN IF IT IS THE SAME LICENSE THIS APP IS RELEASED UNDER).
-DEV NOTES: This app was developed with bluefish on ubuntu (*NOT* the un-polished windows version) set to "5 spaces" as a tab indentation (AND enable "insert spaces instead of tabs"), and enabling indentation of selected text. THE AMOUNT OF INDENTED SPACING IN FILES #CHANGES AUTOMATICALLY# WHEN "BLUEFISH => PREFERENCES => INITIAL DOCUMENT SETTINGS => TAB WIDTH" IS CHANGED, JUST SO YOU KNOW WHY THE NESTED INDENTS MAY NOT LOOK GOOD ON YOUR SETUP.
-LAST IMPORTANT APP-SPECIFIC NOTES BELOW, and thank you in advance for any considerations by you on contributing to this app's codebase. It's much appreciated, happy coding! :)
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
! D O N T F O R G E T T O S Q U A S H T H E B U G S ! !!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
((((c, ,7))))
((((((( ))))))))
((((((( ))))))))
((((((@@@@@@@@@@@))))))))
@@@@@@@@@@@@@@@@)))))))
@@@@@@@@@@@@@@@@@@))))))@@@@
@@/,:::,\/,:::,\@@@@@@@@@@@@@@
@@|:::::||:::::|@@@@@@@@@@@@@@@
@@\':::'/\':::'/@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@\
/ \ ( \
( ) \ \
\ / \
----------------------------------------------------------------------
(CREDIT: https://asciiart.website/index.php?art=animals/insects/other)
----------------------------------------------------------------------
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!
===> Keep an eye out for EFFECTS ON any 3rd party libraries using the 'unload' eventListener,
===> as it's being FULLY DEPRECIATED / DISABLED in chrome by the end of 2024:
===> https://developer.chrome.com/docs/web-platform/deprecating-unload
!!!!
===> WHEN DEBUGGING PHP, LEAVE "$ct['dev']['debug_php_errors']" IN "developer-config.php" SET
===> LIKE SO, TO ALWAYS LOG ALL PARSE / FATAL PHP ERRORS DURING TESTING: (E_ERROR | E_PARSE)
!!!!
===> Set PHP-CLI (for cron) "/etc/php/X.X/cli/php.ini": error_log = /var/log/php_errors.log
===> (run: "sudo touch /var/log/php_errors.log" / "sudo chmod 666 /var/log/php_errors.log")
!!!!
===> Desktop Editions log all PHP errors to: /INSTALL_CRYPTO_TRACKER_HERE/php_errors.log
!!!!
===> Server Edition (on debian) logs Apache PHP errors to: /var/log/apache2/error.log
!!!!
===> Any admin config "category => setting" value SET TO NULL is considered a corrupt value,
===> for the SAKE OF COMPATIBILITY with upgrade detection / processing (use '' instead of null)
!!!!
===> config.php (and plug-conf.php for plugins) MUST only contain STATIC VALUES,
===> as all configs are saved to / run from the cache file: /cache/secured/ct_conf_XXXXXXXXX.dat
!!!!
===> May come in handy for writing PHP unit tests (in /app-lib/php/inline/debugging/):
===> https://stackoverflow.com/questions/861254/iterate-over-properties-of-a-php-class
!!!!
===> See top of the file "/app-lib/js/var_defaults.js", for notes on declaring global / local
===> variables inside javascript-based app logic IN A PROPER MANNER (JS is different from PHP)
!!!!
===> Test in a WebKit-based browser [Epiphany|Safari|Midori], besides Firefox / Chromium.
!!!!
===> Try to wrap up tests / UX / QA / debugging before adding new architecture
===> (find every flaming turd before you start a dumpster fire!).
!!!!
===> Try to break up larger changes into smaller milestones,
===> then plenty of time is spent on UX / testing / debugging.
!!!!
===> PHPbrowserBox (used for Windows Desktop Editions) Shortcut Keys:
===> Reload / refresh browser : Shift + F5 (Mac: Command + R)
===> Open devtools : F12 (Mac: Fn + F12)
!!!!
===> Occasionally update cacert.pem in the main directory:
===> https://curl.se/ca/cacert.pem
!!!!
===> "developer-config.php" contains MANY MANY MANY developer-only configs!
!!!!
===> Don't require any higher than PHP v7.2 until PHP v9 has been out awhile.
!!!!
===> https://www.threesl.com/blog/special-characters-regular-expressions-escape/
!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
===============================================================================================================================================
===============================================================================================================================================
===============================================================================================================================================