Thank you for your interest in joining the InsightConnect developer community!! Please review our Code of Conduct before making contributions.
There are multiple ways to contribute beyond writing code. These include:
- Submit bugs and feature requests with detailed information about your issue or idea.
- Help fellow users with open issues or help fellow committers test recent pull requests.
- [Report a security vulnerability in InsightConnect's plugins] to Rapid7.
- Submit an updated or brand new plugin! We are always eager for new integrations or features. Don't know where to start? Check out the developer documentation.
Here is a short list of dos and don'ts to make sure your valuable contributions actually make it into production. If you do not care to follow these rules, your contribution will be rejected. Sorry!
- Do read the developer documentation
- Do install pre-commit to ensure your style is Black.
- Do stick to our plugin style guides.
- Do follow the 50/72 rule for Git commit messages.
- Do license your code as MIT.
- Do create a topic branch to work on. This helps ensure users are aware of commits on the branch being considered for merge, allows for a location for more commits to be offered without mingling with other contributor changes, and allows contributors to make progress while a PR is still being reviewed.
- Do write "WIP" on your PR and/or open a draft PR if submitting unfinished code.
- Do target your pull request to the master branch.
- Do specify a descriptive title to make searching for your pull request easier e.g. "Okta: add Suspend User action".
- Do include console output, especially the JSON output for new features and bug fixes.
- Do list verification steps so your tests are reproducible.
- Do reference associated issues in your pull request description.
- Don't leave your pull request description blank.
- Don't abandon your pull request. Being responsive helps us land your code faster.
- Do install validator dependencies necessary to run
make validateto find and fix any errors or warnings that come up. - Do include documentation showing sample run-throughs.
- Don't include more than one plugin per pull request.
- Do include reproduction steps in the form of verification steps.
- Do link to any corresponding Issues in the format of
See #1234in your commit description.
Please report vulnerabilities in Rapid7 software directly to security@rapid7.com. For more on our disclosure policy and Rapid7's approach to coordinated disclosure, head over here.
When reporting issues:
- Do write a detailed description of your bug and use a descriptive title.
- Do include reproduction steps, stack traces, and anything that might help us fix your bug.
- Don't file duplicate reports; search for your bug before filing a new report.
If you have general requests or need additional guidance, reach out to the open source contribution owners at
IntegrationAlliance@rapid7.com.
Finally, thank you for taking the few moments to read this far! You're already way ahead of the curve, so keep it up!