scorecard/CONTRIBUTING.md
Abhishek Arya 81eab9d2d8
Add license header and code of conduct files. (#34)
* Add license header and code of conduct files.

* Fill missing field.
2020-10-26 15:22:13 -05:00


# Contributing to Security Scorecards!

Thank you for contributing your time and expertise to the Security Scorecards project.
This document describes the contribution guidelines for the project.

**Note:** Before you start contributing, you must read and abide by our **[Code of Conduct](./CODE_OF_CONDUCT.md)**.

## Contributing code
### Getting started

1. Create [a GitHub account](https://github.com/join)
1. Create a [personal access token](https://docs.github.com/en/free-pro-team@latest/developers/apps/about-apps#personal-access-tokens)
1. Set up your [development environment](#environment-setup)

Then you can [iterate](#iterating).

### Environment Setup

You must install these tools:

1. [`git`](https://help.github.com/articles/set-up-git/): For source control
1. [`go`](https://golang.org/doc/install): The language Security Scorecards is
   built in. You need Go version [v1.15](https://golang.org/dl/) or higher.

## Iterating
You can build the project with:
```shell
go build .
```
You can also use `go run` to iterate without a separate rebuild step:
```shell
go run . --repo=<repo>
```
You can run tests with:
```shell
go test .
```
## Adding New Checks
Each check is currently just a function of type `CheckFn`.
The signature is:
```golang
type CheckFn func(c.Checker) CheckResult
```
Checks are registered in an `init` function:
```golang
func init() {
	// Append the check to the global list so it is run with the others.
	AllChecks = append(AllChecks, NamedCheck{
		Name: "Code-Review",
		Fn:   DoesCodeReview,
	})
}
```
Currently only one set of checks can be run.
In the future, we'll allow declaring multiple suites and configuring which checks get run.
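
The following added example (not code from the Scorecards repository) shows the registration pattern end to end: a check function, its `init` registration, and a runner that walks `AllChecks`. The `Checker` and `CheckResult` fields, the `HasSecurityPolicy` check, and the `RunAll` helper are assumptions made for illustration, and the types live in one package here instead of behind the `c.` qualifier.

```go
package main

import (
	"fmt"
	"strings"
)

// Stand-ins (assumptions): the page names these types but not their fields.
type Checker struct{ Files []string } // constructed: paths at the repo root
type CheckResult struct {
	Pass    bool
	Details string
}
type CheckFn func(Checker) CheckResult
type NamedCheck struct {
	Name string
	Fn   CheckFn
}
var AllChecks []NamedCheck

// HasSecurityPolicy (hypothetical check) passes when SECURITY.md exists.
func HasSecurityPolicy(c Checker) CheckResult {
	for _, f := range c.Files {
		if strings.EqualFold(f, "SECURITY.md") {
			return CheckResult{Pass: true, Details: "found " + f}
		}
	}
	return CheckResult{Details: "no SECURITY.md at repo root"}
}

func init() { // registration follows the page's pattern
	AllChecks = append(AllChecks, NamedCheck{Name: "Security-Policy", Fn: HasSecurityPolicy})
}

// RunAll calls every registered check and keys the results by check name.
func RunAll(c Checker) map[string]CheckResult {
	results := make(map[string]CheckResult, len(AllChecks))
	for _, nc := range AllChecks {
		results[nc.Name] = nc.Fn(c)
	}
	return results
}

func main() {
	repo := Checker{Files: []string{"README.md", "go.mod", "security.md"}} // constructed sample
	for name, r := range RunAll(repo) {
		fmt.Printf("%s: pass=%v (%s)\n", name, r.Pass, r.Details)
	}
}
```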