This is Horusec contributing guide. Please read the following sections to learn how to ask questions and how to work on something.
Please follow the Code of Conduct in all your interactions with our project.
-
Horusec is licensed over ASL - Apache License, version 2, so new files must have the ASL version 2 header, for more information, please check out Apache license.
-
All contributions are subject to the Developer Certificate of Origin (DCO). When you commit, use the
**-s**option to include the Signed-off-by line at the end of the commit log message.
Check out the requisites before contributing to Horusec:
This is a security layer for the project and for the developers. It is mandatory.
There are two ways to use DCO, see them below:
1. Command line Follow the steps: Step 1: Check out your local git:
git config --global user.name “Name”
git config --global user.email “[email protected]”
Step 2: When you commit, add the sigoff via -s flag:
$ git commit -s -m "This is my commit message"
2. GitHub website
Step 1: When the commit changes box opens, add
$ git commit -m “My signed commit” Signed-off-by: username <email address>
Note: For this option, your e-mail must be the same in registered in GitHub.
- All your submissions needs a review.
When opening a PR:
- You need to add a title describing the issue.
- Fill in the template, describe why you are opening the PR.
See the guidelines to submit your changes:
Horusec has other repositories and you can check the README for each one of them:
Contributing to a new feature is only allowed in the main repository.
Before contributing to this repository, please discuss the changes you wish to make via email or forum.
If you want to add an improvement, a new feature or bugfix, follow the steps to contribute:
Step 1: Make sure your branch is based on main; Step 2: When opening an issue, choose a template to answer the questions regarding the what you want to contribute:
Step 3: Make your changes and open a GitHub pull request;
Step 4: Make sure to write a title describing what you have done;
Step 5: Fill in the template in the PR, here you need to write what you did and how the team can verify it;
Step 6: You must commit to comply with the DCO rules. It will need to be signed-off and verified. Example: git commit -s --amend.
Your pull request is approved when:
- 2 code owners approve it.
- Pass all GitHub actions checking process (lint, test, coverage, license, build, e2e, security, dco).
- If it is a bugfix, the team will perform the changes and there will be a new release.
- If it is a feature, it will be in the next release.
- Do you have any question about Horusec in our mailing list
- Let's chat in our forum.
Thank you for your contribution, you rock! 🚀
Horusec team