mirror of https://github.com/OISF/suricata
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
39 lines
1.6 KiB
Markdown
39 lines
1.6 KiB
Markdown
Contributing to Suricata
|
|
========================
|
|
|
|
We're happily taking patches and other contributions. The process is documented at https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Contributing Please have a look at this document before submitting.
|
|
|
|
Contribution Agreement
|
|
----------------------
|
|
|
|
Before accepting your pull requests we need you or your organization to sign our contribution agreement.
|
|
|
|
We do this to keep the ownership of Suricata in one hand: the Open Information Security Foundation. See https://suricata-ids.org/about/open-source/ and https://suricata-ids.org/about/contribution-agreement/
|
|
|
|
Contribution Process
|
|
--------------------
|
|
|
|
Suricata is a complex piece of software dealing with mostly untrusted input. Mishandling this input will have serious consequences:
|
|
|
|
* in IPS mode a crash may knock a network offline;
|
|
* in passive mode a compromise of the IDS may lead to loss of critical and confidential data;
|
|
* missed detection may lead to undetected compromise of the network.
|
|
|
|
In other words, we think the stakes are pretty high, especially since in many common cases the IDS/IPS will be directly reachable by an attacker.
|
|
|
|
For this reason, we have developed a QA process that is quite extensive. A consequence is that contributing to Suricata can be a somewhat lengthy process.
|
|
|
|
On a high level, the steps are:
|
|
|
|
1. Travis-CI based build & unit testing. This runs automatically when a pull request is made.
|
|
|
|
2. Review by devs from the team and community
|
|
|
|
3. QA runs trigged by the team
|
|
|
|
Questions
|
|
---------
|
|
|
|
If you have questions about contributing, please contact us via https://suricata-ids.org/support/
|
|
|