How to contribute
March 20, 2026 · View on GitHub
Communication
- Bug Reports & Feature Requests: GitHub Issues
- Questions: GitHub Discussions or Discord
All communication in these forums abides by our Code of Conduct.
Creating issues
If any part of the project has a bug or documentation mistakes, please let us know by opening an issue. All bugs and mistakes are considered very seriously, regardless of complexity.
Before creating an issue, please check that an issue reporting the same problem does not already exist. To make the issue accurate and easy to understand, please try to create issues that are:
- Unique -- do not duplicate existing bug report. Duplicate bug reports will be closed.
- Specific -- include as much details as possible: which version, what environment, what configuration, etc.
- Reproducible -- include the steps to reproduce the problem. Some issues might be hard to reproduce, so please do your best to include the steps that might lead to the problem.
- Isolated -- try to isolate and reproduce the bug with minimum dependencies. It would significantly slow down the speed to fix a bug if too many dependencies are involved in a bug report. Debugging external systems that rely on this project is out of scope, but guidance or help using the project itself is fine.
- Scoped -- one bug per report. Do not follow up with another bug inside one report.
It may be worthwhile to read Elika Etemad’s article on filing good bug reports before creating a bug report.
Maintainers might ask for further information to resolve an issue.
Finding issues
You can find issues by priority: Urgent, High, Medium, Low, Maybe. There are also good first issues.
Contribution flow
This is a rough outline of what a contributor's workflow looks like:
- Create an issue
- Fork the project
- Create a feature branch
- Push changes to your branch
- Submit a pull request
- Respond to feedback from project maintainers
- Rebase to squash related and fixup commits
- Get LGTM from reviewer(s)
- Merge with a merge commit
Creating new issues is one of the best ways to contribute. You have no obligation to offer a solution or code to fix an issue that you open. If you do decide to try and contribute something, please submit an issue first so that a discussion can occur to avoid any wasted efforts.
Legal requirements
In order to protect the project, all contributors are required to sign our Contributor License Agreement before their contribution is accepted.
The signing process has been automated by CLA Assistant during the Pull Request review process and only requires responding with a comment acknowledging the agreement.
Common tasks
We use mage to run common tasks in the project.
Mage can be installed system-wide, or can be run with no installation with go run mage.go
Testing
In order to build and test the project, the latest stable version of Go and knowledge of a working Go environment are required.
mage test:unit
To run integration tests (for example when testing datastores):
mage test:integration
Run mage or mage -l for a full list of test suites.
Using t.Parallel
t.Parallel is often recommended as a way of speeding up test execution. Our experience in
this repo is that because of the number of test packages and the fact that go test
already parallelizes over test packages, t.Parallel mostly increases peak memory usage
without meaningfully speeding up test execution. If you're going to use t.Parallel,
ensure that it actually speeds up the test in question.
Linting
SpiceDB uses several linters to maintain code and docs quality.
Run them with:
mage lint:all
See mage -l to run specific linters.
Commit messages
This project follows Conventional Commits for commit messages.
Adding dependencies
This project does not use anything other than the standard Go modules toolchain for managing dependencies.
go get github.com/org/newdependency@version
Continuous integration enforces that go mod tidy has been run.
mage deps:tidy can be used to tidy all go modules in the project at once.
Updating generated Protobuf code
All Protobuf code is managed using buf.
To regenerate the protos:
mage gen:proto
Test a local change with Docker Compose
Run docker compose up --build.
You can then use zed against it, for example:
zed context set example localhost:50051 foobar --insecure
zed import development/schema.yaml
You can also run a load test against it with Apache Benchmark. For example:
{
echo '{"items":['
for i in $(seq 1 200); do
d=$(( (RANDOM % 9999) + 1 ))
echo -n "{\"resource\":{\"objectType\":\"document\",\"objectId\": \"${d}\"}, \"permission\":\"view\",\"subject\":{ \"object\": {\"objectType\": \"user\", \"objectId\": \"1\"}}}"
[ $i -lt 200 ] && echo -n ","
done
echo "], \"with_tracing\": true}"
} > payload.json
ab -n 100000 -c 200 -T 'application/json' -H 'Authorization: Bearer foobar' -p payload.json http://localhost:8443/v1/permissions/checkbulk
You can also do things like:
- Access CockroachDB Admin UI: http://localhost:8080
- Access Grafana: http://localhost:3000
- Run profiler, for example:
go tool pprof --http=:6060 "http://localhost:9090/debug/pprof/profile?seconds=60"