Ken Johnson
762f09d1ba
The app is full of security vulns but if there is something undocumented I'd like it mentioned and tracked in the issues section. Because this isn't something that is supporting a production instance of some application, I'm totally fine with the current way of submitting (through issues).
67 lines
2.9 KiB
Markdown
67 lines
2.9 KiB
Markdown
# Ways to Contribute to RailsGoat
|
|
|
|
Thanks for your interest on contributing to RailsGoat!
|
|
Here are a few general guidelines on contributing and reporting
|
|
bugs to RailsGoat that we ask you to take a look first.
|
|
Notice that all of your interactions in the project are
|
|
expected to follow our [Code of Conduct](./CODE_OF_CONDUCT.md).
|
|
|
|
## Reporting Issues
|
|
|
|
Before reporting a new issue, please be sure that the issue wasn't
|
|
already reported or fixed by searching on GitHub through our
|
|
[issues](https://github.com/OWASP/railsgoat/issues).
|
|
|
|
When creating a new issue, be sure to include a **title and clear description**,
|
|
as much relevant information as possible, and either a test case example or
|
|
even better a **sample Rails app that replicates the issue** -
|
|
RailsGoat has a lot of moving parts and it's functionality can be affected
|
|
by third party gems, so we need as much context and details as possible
|
|
to identify what might be broken for you.
|
|
|
|
Avoid opening new issues to ask questions in our issues tracker.
|
|
Please go through the project wiki, documentation and source code first,
|
|
or try to ask your question in our
|
|
[Slack Channel](https://owasp.slack.com/messages/C04THC44W).
|
|
|
|
## Sending Pull Requests
|
|
|
|
Before sending a new Pull Request, take a look on existing Pull Requests
|
|
and Issues to see if the proposed change or fix has been discussed in
|
|
the past, or if the change was already implemented but not yet released.
|
|
|
|
We expect new Pull Requests to include enough tests for new or changed
|
|
behavior, and we aim to maintain everything as most backwards compatible
|
|
as possible, reserving breaking changes to be ship in major releases
|
|
when necessary
|
|
|
|
If your Pull Request includes new or changed behavior, be sure that the
|
|
changes are beneficial to a wide range of use cases or it's an application
|
|
specific change that might not be so valuable to other applications.
|
|
|
|
We also welcome Pull Requests that improve our existing documentation
|
|
(both our `README.md` and the doc sections in the source code).
|
|
|
|
## Other Ways to Contribute
|
|
|
|
We welcome anyone that wants to contribute to RailsGoat to triage
|
|
and reply to open issues to help troubleshoot and fix existing bugs
|
|
on RailsGoat. Here is what you can do:
|
|
|
|
* Help ensure that existing issues follows the recommendations from the
|
|
[Reporting Issues template](./ISSUE_TEMPLATE.md),
|
|
providing feeback to the issue's author on what might be missing.
|
|
* Review and update the existing content of our
|
|
[Wiki](https://github.com/OWASP/railsgoat/wiki)
|
|
with up to date instructions and code samples - the wiki was grown
|
|
with several different tutorials and references that we can't keep
|
|
track of everything, so if there is a page that showcases an integration
|
|
or customization that you are familiar with feel free to update it
|
|
as necessary.
|
|
* Review existing Pull Requests, and testing patches against real
|
|
existing applications that use RailsGoat.
|
|
|
|
Thanks again for your interest on contributing to the project!
|
|
|
|
:heart:
|