Skip to content

Commit

Permalink
Update CONTRIBUTING.md (fixup of 109c9cf)
Browse files Browse the repository at this point in the history
  • Loading branch information
@FiloSottile
FiloSottile committed Jul 4, 2024
1 parent 206ce8a commit e244202
Showing 1 changed file with 4 additions and 5 deletions.
9 changes: 4 additions & 5 deletions CONTRIBUTING.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ Third-party patches are essential for keeping bluemonday secure and offering the

## Guidelines

1. Do not vendor dependencies. As a security package, were we to vendor dependencies the projects that then vendor bluemonday may not receive the latest security updates to the dependencies. By not vendoring dependencies the project that implements bluemonday will vendor the latest version of any dependent packages. Vendoring is a project problem, not a package problem. bluemonday will be tested against the latest version of dependencies periodically and during any PR/merge.
1. Do not vendor dependencies. Vendoring is a project problem, not a package problem.
2. I do not care about spelling mistakes or whitespace and I do not believe that you should either. PRs therefore must be functional in their nature or be substantial and impactful if documentation or examples.
3. This module does not participate in hacktober, please make your contributions meaningful.

Expand All @@ -31,10 +31,9 @@ If you are reporting a security flaw, you may expect that we will provide the co
1. Include tests for your patch, 1 test should encapsulate the entire patch and should refer to the Github issue
1. If you have added new exposed/public functionality, you should ensure it is documented appropriately
1. If you have added new exposed/public functionality, you should consider demonstrating how to use it within one of the helpers or shipped policies if appropriate or within a test if modifying a helper or policy is not appropriate
1. Run all of the tests `go test -v ./...` or `make test` and ensure all tests pass
1. Run gofmt `gofmt -w ./$*` or `make fmt`
1. Run vet `go tool vet *.go` or `make vet` and resolve any issues
1. Install golint using `go get -u github.com/golang/lint/golint` and run vet `golint *.go` or `make lint` and resolve every warning
1. Run all of the tests `go test -v ./...` and ensure all tests pass
1. Run gofmt `go fmt ./...`
1. Run vet `go vet ./...` and resolve any issues
* When submitting the pull request you should
1. Note the issue(s) it resolves, i.e. `Closes #6` in the pull request comment to close issue #6 when the pull request is accepted

Expand Down

0 comments on commit e244202

Please sign in to comment.