Improve contribution documentation #572
Conversation
|
Looks good. No mutations were possible for these changes. |
| will take such reports seriously and work with you to resolve the issue in a | ||
| timely manner. | ||
|
|
||
| [security-advisories]: https://github.com/PicnicSupermarket/error-prone-support/security/advisories |
There was a problem hiding this comment.
Did not know this existed. Nice!
CONTRIBUTING.md
Outdated
| - Make sure that the `mvn clean install` build fully passes, ideally before | ||
| opening a pull request. See the [development |
There was a problem hiding this comment.
Ideally? Or should we make this more mandatory
| - Make sure that the `mvn clean install` build fully passes, ideally before | |
| opening a pull request. See the [development | |
| - Before opening a Pull Request, make sure that the `mvn clean install` | |
| build fully passes. See the [development |
There was a problem hiding this comment.
I was actually thinking about this last night, and realized that if people get stuck, this requirement might discourage them from contributing at all. I proposed a new sentence; PTAL :)
|
Kudos, SonarCloud Quality Gate passed!
|
|
Looks good. No mutations were possible for these changes. |
|
FYI there's a typo on https://bestpractices.coreinfrastructure.org/en/projects/7199. |
|
🤦 Fixed! |
SECURITY.md
Outdated
| timely manner. | ||
|
|
||
| [security-advisories]: https://github.com/PicnicSupermarket/error-prone-support/security/advisories | ||
| [semantic-versioning]: https://semver.org/ |
There was a problem hiding this comment.
| [semantic-versioning]: https://semver.org/ | |
| [semantic-versioning]: https://semver.org |
SECURITY.md
Outdated
| ## Reporting a vulnerability | ||
|
|
||
| To report a vulnerability, please visit the [security | ||
| advisories][security-advisories] page an click _Report a vulnerability_. We |
There was a problem hiding this comment.
| advisories][security-advisories] page an click _Report a vulnerability_. We | |
| advisories][security-advisories] page and click _Report a vulnerability_. We |
CONTRIBUTING.md
Outdated
| That said, if you feel that the build fails for invalid or debatable reasons, | ||
| or if you're unsure how to best resolve an issue, don't let that discourage | ||
| you from opening a PR with a failing build; we can have a look at the issue | ||
| together. |
There was a problem hiding this comment.
While we are at it, I would like to propose to add running the selfcheck here. PTAL.
|
Looks good. No mutations were possible for these changes. |
|
Tweaked suggested commit message as well. |
CONTRIBUTING.md
Outdated
| - Make sure that there are no violations of the newly introduced checks in the | ||
| codebase itself by running the [self check][error-prone-support-self-check]. | ||
| See the [development instructions][error-prone-support-developing] for extra | ||
| context. |
There was a problem hiding this comment.
This mostly repeats the text above. The idea behind referencing the error-prone-support-developing was that we don't need to repeat the self check description.
CONTRIBUTING.md
Outdated
| [error-prone-support-issues]: https://github.com/PicnicSupermarket/error-prone-support/issues | ||
| [error-prone-support-mutation-tests]: https://github.com/PicnicSupermarket/error-prone-support/blob/master/run-mutation-tests.sh | ||
| [error-prone-support-pulls]: https://github.com/PicnicSupermarket/error-prone-support/pulls | ||
| [error-prone-support-self-check]: https://github.com/PicnicSupermarket/error-prone-support/blob/master/apply-error-prone-suggestions.sh |
There was a problem hiding this comment.
This is the auto-fix script, not a full self check. (The details are subtle, which is why I was thinking to only reference the other section.)
|
I'm not sure everyone reads till the end in the |
|
K, I'll get back to this later for a more holistic approach, then. |
|
Added a commit in which I reshuffled and emphasized a few things. Also added a script to run the "full build". |
|
Looks good. No mutations were possible for these changes. |
|
Will rebase and merge this. |
- Explicitly mention that users should run `mvn clean install` before opening a pull request. - Introduce a `SECURITY.md` file as suggested by GitHub.
rickie
force-pushed
the
sschroevers/doc-improvements
branch
from
21dd324 to
f00ad89
Compare
|
Looks good. No mutations were possible for these changes. |
|
Tweaked suggested commit message PTAL. |
|
Good one; made some changes :) |
|
Okay I indeed should've done better here 😅. Thanks! Will merge. |
|
(Dropped one tiny word, something that is introduced is always new right 😉, and the last entry doesn't have "new"). |
Suggested commit message:
Context of this PR: I've registered Error Prone Support with the OpenSSF Best Practices Badge Program, and these changes increase our compliance. (Other PRs to improve compliance may follow.)