-
Notifications
You must be signed in to change notification settings - Fork 61
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Cleanup for v2.5.0.
- Loading branch information
Showing
1 changed file
with
11 additions
and
28 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,33 +1,26 @@ | ||
| # How to contribute | ||
|
|
||
| Here are some ways you can contribute: | ||
| You can contribute by using the library, opening issues, or opening pull requests. | ||
|
|
||
| - Give this library a star on GitHub. It doesn't cost anything and it lets maintainers know you appreciate their work. | ||
| - Use this library in your project. By using this library, you're more likely to open an issue with feature request, etc. | ||
| - Report security vulnerabilities privately by email after reading this contributing guide and [Security Policy](https://github.com/fxamacker/cbor#security-policy). | ||
| - Open an issue with a feature request. It can help prioritize issues if you provide a link to your project and mention if a missing feature prevents your project from using this library. | ||
| - Open an issue with a bug report. It's helpful if the bug report includes a link to a reproducer at [Go Playground](https://go.dev/play/). | ||
| - Open a PR that would close a specific issue. Ask if it's a good time to open a PR in the issue because a solution might already be in progress. Please also read about the signing requirements before spending time on a PR. | ||
| ## Bug reports and security vulnerabilities | ||
|
|
||
| If you'd like to contribute code or send CBOR data, please read on (it can save you time!) | ||
|
|
||
| ## Private reports | ||
|
|
||
| Usually, all issues are tracked publicly on [GitHub](https://github.com/fxamacker/cbor/issues). | ||
| Most issues are tracked publicly on [GitHub](https://github.com/fxamacker/cbor/issues). | ||
|
|
||
| To report security vulnerabilities, please email [email protected] and allow time for the problem to be resolved before disclosing it to the public. For more info, see [Security Policy](https://github.com/fxamacker/cbor#security-policy). | ||
|
|
||
| Please do not send data that might contain personally identifiable information, even if you think you have permission. That type of support requires payment and a contract where I'm indemnified, held harmless, and defended for any data you send to me. | ||
| Please do not send data that might contain personally identifiable information, even if you think you have permission. That type of support requires payment and a signed contract where I'm indemnified, held harmless, and defended by you for any data you send to me. | ||
|
|
||
| ## Pull requests | ||
|
|
||
| Pull requests have signing requirements and must not be anonymous. Exceptions can be made for docs and CI scripts. | ||
| Please [create an issue](https://github.com/fxamacker/cbor/issues/new/choose) before you begin work on a PR. The improvement may have already been considered, etc. | ||
|
|
||
| See our [Pull Request Template](https://github.com/fxamacker/cbor/blob/master/.github/pull_request_template.md) for details. | ||
| Pull requests have signing requirements and must not be anonymous. Exceptions are usually made for docs and CI scripts. | ||
|
|
||
| Please [create an issue](https://github.com/fxamacker/cbor/issues/new/choose), if one doesn't already exist, and describe your concern. You'll need a [GitHub account](https://github.com/signup/free) to do this. | ||
| See the [Pull Request Template](https://github.com/fxamacker/cbor/blob/master/.github/pull_request_template.md) for details. | ||
|
|
||
| If you submit a pull request without creating an issue and getting a response, you risk having your work unused because the bugfix or feature was already done by others and being reviewed before reaching Github. | ||
| Pull requests have a greater chance of being approved if: | ||
| - it does not reduce speed, increase memory use, reduce security, etc. for people not using the new option or feature. | ||
| - it has > 97% code coverage. | ||
|
|
||
| ## Describe your issue | ||
|
|
||
|
|
@@ -40,17 +33,7 @@ Clearly describe the issue: | |
|
|
||
| Please don't send data containing personally identifiable information, even if you think you have permission. That type of support requires payment and a contract where I'm indemnified, held harmless, and defended for any data you send to me. | ||
|
|
||
| Please don't send CBOR data larger than 512 bytes. If you want to send crash-producing CBOR data > 512 bytes, please get my permission before sending it to me. | ||
|
|
||
| ## Wanted | ||
|
|
||
| * Opening issues that are helpful to the project | ||
| * Using this library in your project and letting me know | ||
| * Sending well-formed CBOR data (<= 512 bytes) that causes crashes (none found yet). | ||
| * Sending malformed CBOR data (<= 512 bytes) that causes crashes (none found yet, but bad actors are better than me at breaking things). | ||
| * Sending tests or data for unit tests that increase code coverage (currently around 98%) | ||
| * Pull requests with small changes that are well-documented and easily understandable. | ||
| * Sponsors, donations, bounties, or subscriptions. | ||
| Please don't send CBOR data larger than 1024 bytes by email. If you want to send crash-producing CBOR data > 1024 bytes by email, please get my permission before sending it to me. | ||
|
|
||
| ## Credits | ||
|
|
||
|
|
||