path: root/HACKING

$Id$

Nmap HACKING
------------

Information for potential Nmap hackers!

Source is provided to Nmap because we believe users have a
right to know exactly what a program is going to do before they run
it.  This also allows you to audit the software for security holes
(none have been found so far).

Source code also allows you to port Nmap to new platforms, fix bugs,
and add new features.  You are highly encouraged to send your changes
to dev@nmap.org for possible incorporation into the main
distribution.  By sending these changes to Fyodor or one of the
Insecure.Org development mailing lists, it is assumed that you are
offering the Nmap Project (Nmap Software LLC) unlimited, non-exclusive
right to reuse, modify, and relicense the code.  This is important
because the inability to relicense code has caused devastating
problems for other Free Software projects (such as KDE and NASM).
Nmap will always be available Open Source.  If you wish to specify
special license conditions of your contributions, just say so when you
send them.

Nmap is a community project and has already benefited greatly from
outside contributors (for examples, see the CHANGELOG at
https://nmap.org/changelog.html).  Bugfixes, and portability changes
will almost always be accepted.  Even if you do not have time to track
down and patch a problem, bug reports are always welcome.

Hackers interested in something more major, such as a new feature, are
encouraged to send a mail describing their plans to
dev@nmap.org .  This is a good way to solicit feedback on
your proposals.  List members are often very willing to help.  You
might want to subscribe to that mailing list as well -- send a blank
email to dev-subscribe@nmap.org .  While you are at it, you
might also want to subscribe to announce@nmap.org via the same mechanism.
Web archives of those lists are at http://seclists.org .

Some ideas of useful contributions/projects
-------------------------------------------

Of course, you are welcome to work on whatever suits your fancy.  But
some ideas of contributions that might be particularly useful are listed in
the todo file, available in todo/nmap.txt or online at
https://svn.nmap.org/nmap/todo/nmap.txt

o Bug reports and feature requests at http://issues.nmap.org/ are a good place
  to look for ideas.

o Script ideas page. Writing NSE scripts is an excellent way to contribute to
  the project. You can add your script ideas to our wiki page, or pick one and
  implement it. See: https://secwiki.org/w/Nmap_Script_Ideas

o Nmap GUI improvements -- Zenmap is the Nmap GUI. If you have
  enhancement ideas, give it a shot!  Alternatively, consider
  contributing to the NmapSI and Umit projects available at
  http://www.nmapsi4.org and http://umit.sourceforge.net respectively.
  There are also other satellite projects, with different level of activity,
  such as NmapGUI (http://sourceforge.net/projects/nmapgui) or Nmap::parser
  (http://rubynmap.sourceforge.net).

One of the best ways to help is to join the nmap-dev list
( https://nmap.org/mailman/listinfo/dev ).  Requests for
assistance and new Nmap-related projects are often posted there.

How to make code contributions
------------------------------

The preferred mechanism for submitted changes is unified diffs against
the latest SVN trunk.  Please send them to dev@nmap.org .

Get a local copy of the SVN trunk:

  svn co https://svn.nmap.org/nmap

Make your changes.

Then make a unified diff, by issuing the following command:

  svn diff > nmap.patch

If you've added several features, it's best to send them as several independent
patches if you can.

We also accept Github Pull Requests at https://github.com/nmap/nmap

Style
-----

Code style guidelines and quality checking tools are documented at
https://secwiki.org/w/Nmap/Code_Standards . The short version is:

* Indent with 2 spaces, not tabs
* No trailing whitespace
* Be consistent
* Use comments

Credits
-------

I got the idea for this HACKING file from GNet
(http://www.gnetlibrary.org/) and followed the
general structure of their HACKING file.