Contributing¶
Development setup¶
Project structure¶
servasec/
├── backend/ # Go backend (Gin + GORM)
│ ├── controllers/ # HTTP handlers
│ ├── models/ # GORM models
│ ├── parsers/ # Scanner output parsers
│ ├── routes/ # Route registration
│ ├── services/ # Business logic
│ ├── middleware/ # Auth, CSRF, rate limit
│ └── pro/ # Pro feature interfaces
├── frontend/ # Next.js web UI
│ └── src/
│ ├── components/ # React components
│ ├── pages/ # Page routes
│ └── lib/ # API client, types
├── caddy/ # Reverse proxy config
└── deploy/ # Podman Quadlet files
Architecture¶
Key technologies¶
- Backend: Go 1.25, Gin, GORM, Casbin (RBAC), JWT auth
- Frontend: Next.js 14, TypeScript, shadcn/ui, Tailwind CSS, Recharts
- Infra: Docker Compose, Caddy 2, PostgreSQL 15
Pull request process¶
- Create a feature branch from
develop - Run
make devand verify your changes - Add or update tests
- Submit a PR with a clear description
License¶
AGPL-3.0 for community edition. Commercial license for Pro features.