summaryrefslogtreecommitdiffstats
path: root/suricata-update/.github/CONTRIBUTING.md
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 17:39:49 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 17:39:49 +0000
commita0aa2307322cd47bbf416810ac0292925e03be87 (patch)
tree37076262a026c4b48c8a0e84f44ff9187556ca35 /suricata-update/.github/CONTRIBUTING.md
parentInitial commit. (diff)
downloadsuricata-a0aa2307322cd47bbf416810ac0292925e03be87.tar.xz
suricata-a0aa2307322cd47bbf416810ac0292925e03be87.zip
Adding upstream version 1:7.0.3.upstream/1%7.0.3
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'suricata-update/.github/CONTRIBUTING.md')
-rw-r--r--suricata-update/.github/CONTRIBUTING.md53
1 files changed, 53 insertions, 0 deletions
diff --git a/suricata-update/.github/CONTRIBUTING.md b/suricata-update/.github/CONTRIBUTING.md
new file mode 100644
index 0000000..934a9d1
--- /dev/null
+++ b/suricata-update/.github/CONTRIBUTING.md
@@ -0,0 +1,53 @@
+Contributing to Suricata
+========================
+
+We're happily taking patches and other contributions. The process is
+documented at
+https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Contributing
+Please have a look at this document before submitting.
+
+Contribution Agreement
+----------------------
+
+Before accepting your pull requests we need you or your organization
+to sign our contribution agreement.
+
+We do this to keep the ownership of Suricata in one hand: the Open
+Information Security Foundation. See
+https://suricata-ids.org/about/open-source/ and
+https://suricata-ids.org/about/contribution-agreement/
+
+Contribution Process
+--------------------
+
+Suricata is a complex piece of software dealing with mostly untrusted
+input. Mishandling this input will have serious consequences:
+
+* in IPS mode a crash may knock a network offline;
+* in passive mode a compromise of the IDS may lead to loss of critical
+ and confidential data;
+* missed detection may lead to undetected compromise of the network.
+
+In other words, we think the stakes are pretty high, especially since
+in many common cases the IDS/IPS will be directly reachable by an
+attacker.
+
+For this reason, we have developed a QA process that is quite
+extensive. A consequence is that contributing to Suricata can be a
+somewhat lengthy process.
+
+On a high level, the steps are:
+
+1. Travis-CI based build & unit testing. This runs automatically when
+ a pull request is made.
+
+2. Review by devs from the team and community
+
+3. QA runs trigged by the team
+
+Questions
+---------
+
+If you have questions about contributing, please contact us via
+https://suricata-ids.org/support/
+