blob: 934a9d1991d20cc509a1906602b39fae101360ce (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
Contributing to Suricata
========================
We're happily taking patches and other contributions. The process is
documented at
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Contributing
Please have a look at this document before submitting.
Contribution Agreement
----------------------
Before accepting your pull requests we need you or your organization
to sign our contribution agreement.
We do this to keep the ownership of Suricata in one hand: the Open
Information Security Foundation. See
https://suricata-ids.org/about/open-source/ and
https://suricata-ids.org/about/contribution-agreement/
Contribution Process
--------------------
Suricata is a complex piece of software dealing with mostly untrusted
input. Mishandling this input will have serious consequences:
* in IPS mode a crash may knock a network offline;
* in passive mode a compromise of the IDS may lead to loss of critical
and confidential data;
* missed detection may lead to undetected compromise of the network.
In other words, we think the stakes are pretty high, especially since
in many common cases the IDS/IPS will be directly reachable by an
attacker.
For this reason, we have developed a QA process that is quite
extensive. A consequence is that contributing to Suricata can be a
somewhat lengthy process.
On a high level, the steps are:
1. Travis-CI based build & unit testing. This runs automatically when
a pull request is made.
2. Review by devs from the team and community
3. QA runs trigged by the team
Questions
---------
If you have questions about contributing, please contact us via
https://suricata-ids.org/support/
|
