This OSS aims to simulate the security and privacy risks of Machine Learning. This tool allows users to experiment with various combinations of attacks and defenses against ML/DL models, such as Model Inversion Attacks, Poisoning Attacks, BackDoor Attacks, Differential Privacy, Encryption, K-Anonnymization, and Federated Learning. I have implemented these algorithms with Python and C++. I use black, isort, pytest, and codacy to check the quality of codes. I also generate the documentation with sphinx, but the quality is not high. The coverage of test codes is around 70%.

Since I do not have much experience with OSS projects, I don't know the best practices for OSS management and development. For example, I guess I should do the following:

- Improving the coverage of test codes

- Making documents more informative and clearer

- Writing blog posts (in many languages)

- Implementing more algorithms

- Unifying APIs for different algorithms

- Create some good-first-issuesfor new contributors

- Gathering contributors, etc

How should I prioritize them? How do you keep motivated? Some people demand a lot without gratitude or contributions (of course, most people are really lovely!). I will be a senior in April, so I must also prepare for MS or Ph.D. applications. I also have to work for my tuition. How much time do you usually spend on OSS? Should I focus on other things like research internships?

Any suggestions are really welcome —many thanks for considering my question.