We greatly appreciate all of our contributors.
We would also like to highlight the contributions from Michael Dong and Fatimah Zohra who contributed to DefectDojo before it was open source.
Before submitting, please ensure that you are using the latest code by performing a git pull.
Please include your operating system name, your operating system version number (16.04, 18.6, etc), and the dojo install type you are using (setup.bash, docker, k8s, etc).
Bugs that do not have this information will be closed.
Here are a few things to keep in mind when making changes to DefectDojo.
Please see the parser guide for guidance on how to write a parser.
We consider the open-source version of DefectDojo to be feature complete with the exception of new parsers and parser improvements, so it is recommended that you get in touch with us to discuss changes prior to dedicating time and resources. We're open to your suggestions and feedback, but we do not plan to add or accept new features in the future for supportability concerns. We are working on defining clear guidelines on direction and acceptable PRs, but in the meantime, please get in touch with Matt Tesauro on Slack.
Please use these test scripts to test your changes. These are the scripts we run in our integration tests.
For changes that require additional settings, you can now use local_settings.py file. See the logging section below for more information.
For compatibility reasons, the code in dev branch should be python3.11 compliant.
The following are things to consider before submitting a pull request to DefectDojo.
- Base your PR against the dev or bugfix branch, unless discussed otherwise with the maintainers.
- Make sure that the install is working properly.
- All tests found in these test scripts should be passing.
- All submitted code should conform to PEP8 standards.
- See flake8 built-in commit hooks on how to easily check for PEP8 compliance with flake8 before committing.
- Pull requests should be submitted to the dev or bugfix branch.
- In the dev branch, the code should be python 3.11 compliant.