Skip to content

Latest commit

 

History

History
146 lines (106 loc) · 5.01 KB

CONTRIBUTING.md

File metadata and controls

146 lines (106 loc) · 5.01 KB

Contributing to Comeonin

The first part of this document covers the goals and the scope of Comeonin, and then lists some ways that developers can contribute to it.

After that, there is more technical information about the contributing process.

Features

  • Comeonin uses the most secure, up-to-date hashing schemes, bcrypt and pbkdf2_sha512.
  • It uses the latest version of bcrypt, supporting the $2b$ prefix.
  • It is easy to use.
    • There are several convenience functions to make checking passwords easier.
    • Salts are generated by default.
    • Each function has sensible, secure defaults.
  • It provides excellent documentation.
    • Clear instructions are given on how to use Comeonin.
    • Several recommendations are also given to help developers keep their apps secure.

Ways you can contribute

  • Find bugs
  • Add to, or improve, the documentation

Bug reports

Guidelines for bug reports:

  1. Use the GitHub issue search — check if the issue has already been reported.

  2. Check if the issue has been fixed — try to reproduce it using the master branch in the repository.

  3. Report the problem — open an issue.

Please try to be as detailed as possible in your report. Include information about your Operating System, as well as your Erlang and Elixir versions. Please provide steps to reproduce the issue as well as the outcome you were expecting. Also include any error messages that you get. All these details will help developers to fix any potential bugs.

Feature requests

First, make sure that the feature fits in with the goals of Comeonin. Then, open an issue explaining what feature you would like implemented. Please provide technical / practical details about why this feature is needed.

IMPORTANT: Remember that you need to convince us that this feature is needed.

Contributing documentation

Documentation is a very important part of the whole Comeonin package. The documentation is not limited to how a module or function works, but also provides, succintly and clearly, more general information related to password security.

If you are contributing documentation that makes any claims, for example, that something is faster, more secure, etc., please provide link(s) to the sources of this information.

Pull requests

Good pull requests - patches, improvements, documentation, new features - are a fantastic help. They should remain focused in scope and avoid containing unrelated commits.

IMPORTANT: By submitting a patch, you agree that your work will be licensed under the license used by the project.

If you have any large pull request in mind (e.g. implementing features, refactoring code, etc), please ask first otherwise you risk spending a lot of time working on something that the project's developers might not want to merge into the project.

Please adhere to the coding conventions in the project (indentation, accurate comments, etc.) and don't forget to add your own tests and documentation. When working with git, we recommend the following process in order to craft an excellent pull request:

  1. Fork the project, clone your fork, and configure the remotes:

    # Clone your fork of the repo into the current directory
    git clone https://github.com/<your-username>/comeonin
    # Navigate to the newly cloned directory
    cd comeonin
    # Assign the original repo to a remote called "upstream"
    git remote add upstream https://github.com/riverrun/comeonin
  2. If you cloned a while ago, get the latest changes from upstream:

    git checkout master
    git pull upstream master
  3. Create a new topic branch (off of master) to contain your feature, change, or fix.

    IMPORTANT: Making changes in master is discouraged. You should always keep your local master in sync with upstream master and make your changes in topic branches.

    git checkout -b <topic-branch-name>
  4. Commit your changes in logical chunks. Keep your commit messages organized, with a short description in the first line and more detailed information on the following lines. Feel free to use Git's interactive rebase feature to tidy up your commits before making them public.

  5. Make sure all the tests are still passing.

    mix test
  6. Push your topic branch up to your fork:

    git push origin <topic-branch-name>
  7. Open a Pull Request with a clear title and description.

  8. If you haven't updated your pull request for a while, you should consider rebasing on master and resolving any conflicts.

    IMPORTANT: Never ever merge upstream master into your branches. You should always git rebase on master to bring your changes up to date when necessary.

    git checkout master
    git pull upstream master
    git checkout <your-topic-branch>
    git rebase master

Thank you for your contributions!