summaryrefslogtreecommitdiffstats
path: root/.github/CONTRIBUTING.md
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 17:43:34 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 17:43:34 +0000
commit0fcce96a175531ec6042cde1b11a0052aa261dd5 (patch)
tree898a1e161c4984b41e6a732866bd73b24f0f7b7a /.github/CONTRIBUTING.md
parentInitial commit. (diff)
downloadsuricata-update-0fcce96a175531ec6042cde1b11a0052aa261dd5.tar.xz
suricata-update-0fcce96a175531ec6042cde1b11a0052aa261dd5.zip
Adding upstream version 1.3.2.upstream/1.3.2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '.github/CONTRIBUTING.md')
-rw-r--r--.github/CONTRIBUTING.md53
1 files changed, 53 insertions, 0 deletions
diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md
new file mode 100644
index 0000000..934a9d1
--- /dev/null
+++ b/.github/CONTRIBUTING.md
@@ -0,0 +1,53 @@
+Contributing to Suricata
+========================
+
+We're happily taking patches and other contributions. The process is
+documented at
+https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Contributing
+Please have a look at this document before submitting.
+
+Contribution Agreement
+----------------------
+
+Before accepting your pull requests we need you or your organization
+to sign our contribution agreement.
+
+We do this to keep the ownership of Suricata in one hand: the Open
+Information Security Foundation. See
+https://suricata-ids.org/about/open-source/ and
+https://suricata-ids.org/about/contribution-agreement/
+
+Contribution Process
+--------------------
+
+Suricata is a complex piece of software dealing with mostly untrusted
+input. Mishandling this input will have serious consequences:
+
+* in IPS mode a crash may knock a network offline;
+* in passive mode a compromise of the IDS may lead to loss of critical
+ and confidential data;
+* missed detection may lead to undetected compromise of the network.
+
+In other words, we think the stakes are pretty high, especially since
+in many common cases the IDS/IPS will be directly reachable by an
+attacker.
+
+For this reason, we have developed a QA process that is quite
+extensive. A consequence is that contributing to Suricata can be a
+somewhat lengthy process.
+
+On a high level, the steps are:
+
+1. Travis-CI based build & unit testing. This runs automatically when
+ a pull request is made.
+
+2. Review by devs from the team and community
+
+3. QA runs trigged by the team
+
+Questions
+---------
+
+If you have questions about contributing, please contact us via
+https://suricata-ids.org/support/
+