We'd love to accept your patches and contributions to this project. There are just a few small guidelines you need to follow.
Contributions to this project must be accompanied by a Contributor License Agreement. You (or your employer) retain the copyright to your contribution; this simply gives us permission to use and redistribute your contributions as part of the project. Head over to https://cla.developers.google.com/ to see your current agreements on file or to sign a new one.
You generally only need to submit a CLA once, so if you've already submitted one (even if it was for a different project), you probably don't need to do it again.
All submissions, including submissions by project members, require review. We use GitHub pull requests for this purpose. Consult GitHub Help for more information on using pull requests.
This project follows Google's Open Source Community Guidelines.
Please review the documentation README for more information about contributing to documentation.
Install:
- Go 1.18+, use
go versionto check. - GoReleaser (Optional, only if you want reproducible builds).
- golangci-lint (Optional, only if you want to run the linters locally)
Run the following in the project directory:
$ go build ./cmd/osv-scanner/Produces osv-scanner binary in the project directory.
Run the following in the project directory:
$ goreleaser build --rm-dist --single-target --snapshotSee GoReleaser documentation for build options.
You can also reproduce the downloadable builds by checking out the specific tag and running goreleaser build,
using the same Go version as the one used during the actual release (see goreleaser workflows).
To run tests:
./run_tests.shTo lint your code, run
./run_lints.sh