Thank you for your interest in contributing to bybit-cli! As a community-maintained project, we rely on contributors to keep this tool robust and secure.
Because this tool manages financial credentials and executes real trades, security is our absolute priority.
- Read the SecureSDLC: All contributions must adhere to our security lifecycle.
- No Leaks: Never include API keys, secrets, or personal data in your PRs or issues.
- Audit: We audit all dependencies. If you add a new crate, please justify why it is necessary and ensure it is widely used and well-maintained.
Ensure you have the latest stable Rust toolchain installed.
cargo build
cargo test
cargo audit -D warnings- Linting: Run
cargo clippy --all-targets -- -D warningsbefore submitting. - Formatting: Run
cargo fmt. - Tests: All PRs must include tests. Add integration tests for new features in
tests/integration/and unit tests for internal logic insrc/. We aim for 100% command and line coverage.
- Keep PRs focused on a single feature or bug fix.
- Update
README.mdandskills/if you add new commands or workflows. - If you add a new CLI command, make sure to also update the MCP registry in
src/mcp/registry.rs. - Run
cargo test --test doc_syncafter command-surface or documentation changes. Usecargo run --example command_inventoryto inspect the live clap command inventory when updating docs. - If you touch the MCP registry or service list, regenerate
agents/mcp-tool-catalog.jsonwithcargo run --example mcp_tool_catalog > agents/mcp-tool-catalog.jsonand runcargo test --test mcp_catalog_sync.
Remember that this is an unofficial tool. Avoid using Bybit's official branding or implying any affiliation with Bybit in your contributions.
By contributing, you agree that your code will be licensed under the project's MIT License.