Hi there! We're thrilled that you'd like to contribute to this project. Your help is essential for keeping it great.
Contributions to this project are released to the public under the project's open source license.
Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.
- Fork and clone the repository
- Create a new branch:
git checkout -b my-name-GHSA-ID - Make your change to the advisory file
- Push to your fork and submit a pull request
- Pat your self on the back and wait for your pull request to be reviewed and merged.
Here are a few things you can do that will increase the likelihood of your pull request being accepted:
- Follow the OSSF OSV schema.
- Change one advisory per PR. If there are multiple advisories you would like to improve, submit them as separate pull requests.
Sometimes our curation team may need more information or clarification about your contribution. They will respond directly to your pull request with comments and questions. Once they have this information, they'll finish their review and process your PR! If your pull request has no activity for 30 consecutive days it will automatically be closed. After 15 days of no activity, the stale label will be added. If there continues to be no activity, then after another 15 days the request will be closed. Any PR closed due to staleness is welcome to be resubmitted or reopened.