Contributions to gittuf can be of several types:
- changes to the design documents stored in the
docs/folder - code changes for bug fixes, new features, documentation, and other enhancements to the implementation
- new issues or feature requests
Join our community to get started!
When submitting changes to the gittuf docs or implementation, contributors must open a GitHub pull request to the repository. gittuf uses the NYU Secure Systems Lab development workflow. Pull requests must include tests for the changes in behavior they introduce. They are reviewed by one or more maintainers and undergo automated testing such as (but not limited to):
- Unit and build testing
- Static analysis using linters
- Developer Certificate of Origin (DCO) check
In future, as gittuf matures, this repository will also be secured using gittuf. At that point, the contributor workflow may evolve to record gittuf specific information.
Contributors to gittuf must abide by the project's code of conduct. Any questions regarding the gittuf community's governance and code of conduct may be directed to the project's Technical Steering Committee.