Contributing — Lantern

Welcome! To keep Lantern secure, maintainable, and welcoming, please follow these guidelines.

Quick checklist

• Enable 2FA on your GitHub account and link your work email.
• Fork & open PRs from feature branches; keep PRs small and focused.
• Include tests for new behavior and run the test suite locally before opening a PR.
• All PRs must pass automated checks: lint, unit tests, SAST, dependency scanning.
• Remove secrets from code; use Secret Manager for production secrets.
• Explicitly reference ISSUE-### in PRs to link work to tracked tickets.

Security expectations

• Sensitive features (auth, payments, redemptions) require design reviews and a security reviewer on PRs.
• If you find a security issue, follow security/VULNERABILITY_DISCLOSURE.md and do not post details publicly.

Getting started

• Run npm install and npm run dev.
• See TECHSTACK.md for recommended tools and infra.

Thanks for contributing — your work helps keep Lantern safe and mission-focused.