Thanks for considering a contribution. redactkit aims to stay small, focused, and zero-runtime-dep — please read this before opening a PR.
git clone https://github.com/CoreNovus/redactkit
cd redactkit
python -m venv .venv && source .venv/bin/activate
pip install -e ".[dev]"
pytest -q && ruff check . && pyright srcAll three checks must be green before opening a PR. CI runs the same matrix on Python 3.10 / 3.11 / 3.12 / 3.13.
- Bug fixes with a regression test that fails before / passes after.
- New denylist terms for
DEFAULT_KEY_TERMS— must demonstrate a real secret-leak class, not a theoretical one. Open an issue first if unsure. - New
redact_*helpers that solve a structured-data redaction case (URLs, headers, log records) without pulling in a runtime dependency.
- Free-form text PII / NLP detection — out of scope. Use Presidio or scrubadub.
- New runtime dependencies. "Zero deps" is a load-bearing differentiator.
- Performance optimizations without a benchmark showing the win on a realistic payload size (<10 KB JSON).
- Tests added/updated;
pytest -qgreen -
ruff check .clean -
pyright srcclean (we run strict) -
CHANGELOG.mdentry under[Unreleased] - Public API changes reflected in
README.mdandsrc/redactkit/__init__.py's__all__
First-response SLA: 5 business days. PRs that have been green for 7 days without maintainer feedback can be pinged with a comment.
By contributing you agree your work is licensed under the MIT License.