diff options
| author | Joseph Birr-Pixton <jpixton@gmail.com> | 2017-12-31 21:19:46 +0000 |
|---|---|---|
| committer | Joseph Birr-Pixton <jpixton@gmail.com> | 2017-12-31 21:19:46 +0000 |
| commit | bd2be2b7926ff465dc1039954e4540bc336df99c (patch) | |
| tree | 9040dc56bb683df4c782c5e1a2221ee91c329abc /CONTRIBUTING.md | |
| parent | 4bf2b87ce751499faf853b509236a55bb5fdc023 (diff) | |
Add initial CONTRIBUTING
Diffstat (limited to 'CONTRIBUTING.md')
| -rw-r--r-- | CONTRIBUTING.md | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 00000000..282fd92e --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,56 @@ +# Contributing + +Thanks for considering helping this project. There are many +ways you can help: using the library and reporting bugs, +reporting usability issues, making additions and improvements +to the library, documentation and finding security bugs. + +## Reporting bugs + +Please file a github issue. Include as much information as +possible. Suspected protocol bugs are easier debugged with +a pcap or reproduction steps. + +Feel free to file github issues to get help, or ask a question. + +## Code changes + +Some ideas and guidelines for contributions: + +- For large features, file an issue prior to starting work. + This means everyone can see what is in progress prior to a PR. +- Feel free to submit a PR even if the work is not totally finished, + for feedback or to hand-over. +- Prefer not to reference github issue or PR numbers in commits. +- Try to keep code formatting commits separate from functional commits. +- See [`.travis.yml`](.travis.yml) for how to run the various test + suites, and how to make coverage measurements. +- I run `cargo outdated` prior to major releases; but PRs to update specific + dependencies are welcome. + +## Security bugs + +Please report security bugs by filing a github issue, or by +email to jbp@jbp.io if you want to disclose privately. I'll then: + +- Prepare a fix and regression tests. +- Backport the fix and make a patch release for most recent release. +- Submit an advisory to [rustsec/advisory-db](https://github.com/RustSec/advisory-db). +- Refer to the advisory on the main README.md and release notes. + +If you're *looking* for security bugs, this crate is set up for +`cargo fuzz` but would benefit from more runtime, targets and corpora. + +## Testing + +- Features involving additions to the public API should have (at least) + API-level tests (see [`tests/api.rs`](tests/api.rs)). +- Protocol additions should have some coverage -- consider enabling + corresponding tests in the bogo suite, or writing some adhoc tests. + +PRs which cause test failures or a significant coverage decrease +are unlikely to be accepted. + +## Licensing + +Contributions are made under [rustls's licenses](LICENSE). |