Third-party patches are essential for keeping bluemonday secure and offering the features developers want. However there are a few guidelines that we need contributors to follow so that we can maintain the quality of work that developers who use bluemonday expect.
If you are reporting a security flaw, you may expect that we will provide the code to fix it for you. Otherwise you may want to submit a pull request to ensure the resolution is applied sooner rather than later:
go test -v ./...
or make test
and ensure all tests passgofmt -w ./$*
or make fmt
go tool vet *.go
or make vet
and resolve any issuesgo get -u github.com/golang/lint/golint
and run vet golint *.go
or make lint
and resolve every warningCloses #6
in the pull request comment to close issue #6 when the pull request is acceptedOnce you have submitted a pull request, we may merge it without changes. If we have any comments or feedback, or need you to make changes to your pull request we will update the Github pull request or the associated issue. We expect responses from you within two weeks, and we may close the pull request is there is no activity.
We haven’t gone for the formal “Sign a Contributor Licence Agreement” thing that projects like puppet, Mojito and companies like Google are using.
But we do need to know that we can accept and merge your contributions, so for now the act of contributing a pull request should be considered equivalent to agreeing to a contributor licence agreement, specifically:
You accept that the act of submitting code to the bluemonday project is to grant a copyright licence to the project that is perpetual, worldwide, non-exclusive, no-charge, royalty free and irrevocable.
You accept that all who comply with the licence of the project (BSD 3-clause) are permitted to use your contributions to the project.
You accept, and by submitting code do declare, that you have the legal right to grant such a licence to the project and that each of the contributions is your own original creation.