Contributing to CryptoBox
Please address all support enquiries over the dedicated CryptoBox Gitter channel.
For the security of the community relying on CryptoBox, please report security issues privately by email to firstname.lastname@example.org. Please do not report security issues publicly.
Security issues are addressed with top priority. As soon as a fix for a security issue is ready, the issue is published in a security alert together with the corresponding security patch and public recognition for all contributions.
Standard issues (not security relevant)
Requests for new features and standard issues that are not security relevant are tracked as GitHub issues in this repository:
- please either submit a new issue after checking that a similar feature request or issue has not already been submitted,
- or subscribe to a related existing feature request or issue.
Please limit comments on issues to statements adding new relevant insight that might help working towards a resolution.
Note that leaving
+1 or equivalent comments is less effective
then subscribing to the issue.
Please use the following template as guideline for all submitted issues, security-relevant or not:
**Descriptive Title** short description of feature request or issue **Cryptobox version:** (only for issues) first version of Cryptobox affected by the issue **Environment:** (only for issues) Node and/or Browser, including user-agent version, in which the issue can be reproduced **Usage example:** (only for feature request) usage example of requested feature **Reproduction Steps, live example:** (only for issues) steps to reproduce the issue: 1. [First Step] 2. [Second Step] 3. [Other Steps...] and/or links to a live example reproducing the issue (e.g. [Plunker][plunker], [JSFiddle][jsfiddle] or [Runnable][runnable]). **Expected behavior:** description of expected behavior **Observed behavior:** (only for issues) description of observed behavior **Screenshots** optional screenshots, and/or [screencasts](https://github.com/colinkeenan/silentcast).
Forked public project
Contributions follow the forked public project model.
- all commits should follow these conventional guidelines.
- all commits must be signed. This is required both in the contributor's own interest, and that of the community relying on this project: clear code ownership is a necessary foundation for a trusted open source project.
Pull-Request (PR) guidelines
- a PR must close at least one open issue. The corresponding issues should be listed in the title of the PR, e.g. "close #21, #42".
- all PRs must pass the full Cryptobox test suite and dedicated tests for the added or fixed features
- all PRs must include the contributor's detached signature of the Individual Contributor License Agreement, together with the following statement:
As certified by my signature, attached to this Pull-Request, of the Individual Contributor License Agreement (ICLA), I submit this Contribution under the terms of the ICLA, which I fully approve and agree with, and a copy of which can be found at https://github.com/ZenyWay/cryptobox/blob/master/ICLA.
This is required both in the contributor's own interest, and that of the community relying on this project, as it clarifies the conditions under which the contribution is made.
CI testing runs on TravisCI.