.. _contributing:

Contributing to VulnerableCode
=================================

Thank you so much for being so interested in contributing to VulnerableCode. We
are always on the lookout for enthusiastic contributors like you who can make
our project better, and we are willing to lend a helping hand if you have any
questions or need guidance along the way. That being said, here are a few
resources to help you get started.

.. note::
    By contributing to the VulnerableCode project, you agree to the Developer
    `Certificate of Origin <http://developercertificate.org/>`_.


Do Your Homework
----------------

Before adding a contribution or create a new issue, take a look at the project’s
`README <https://github.com/nexB/vulnerablecode>`_, read through our
`documentation <https://vulnerablecode.readthedocs.io/en/latest/>`_,
and browse existing `issues <https://github.com/nexB/vulnerablecode/issues>`_,
to develop some understanding of the project and confirm whether a given
issue/feature has previously been discussed.

Ways to Contribute
------------------

Contributing to the codebase is not the only way to add value to VulnerableCode or
join our community. Below are some examples to get involved:

First Timers
^^^^^^^^^^^^

You are here to help, but you are a new contributor! No worries, we always
welcome newcomer contributors. We maintain some
`good first issues <https://github.com/nexB/vulnerablecode/labels/good%20first%20issue>`_
and encourage new contributors to work on those issues for a smooth start.

.. tip::
    If you are an open-source newbie, make sure to check the extra resources at
    the bottom of this page to get the hang of the contribution process!

Code Contributions
^^^^^^^^^^^^^^^^^^

For more established contributors, you can contribute to the codebase in several ways:

- Report a `bug <https://github.com/nexB/vulnerablecode/issues>`_; just remember to be as
  specific as possible.
- Submit a `bug fix <https://github.com/nexB/vulnerablecode/labels/bug>`_ for any existing
  issue.
- Create a `new issue <https://github.com/nexB/vulnerablecode/issues>`_ to request a
  feature, submit a feedback, or ask a question.

.. note::
    Make sure to check existing `issues <https://github.com/nexB/vulnerablecode/issues>`_,
    to confirm whether a given issue or a question has previously been
    discussed.

Documentation Improvements
^^^^^^^^^^^^^^^^^^^^^^^^^^

Documentation is a critical aspect of any project that is usually neglected or
overlooked. We value any suggestions to improve
`vulnerablecode documentation <https://vulnerablecode.readthedocs.io/en/latest/>`_.

.. tip::
    Our documentation is treated like code. Make sure to check our
    `writing guidelines <https://scancode-toolkit.readthedocs.io/en/latest/contribute/contrib_doc.html>`_
    to help guide new users.

Other Ways
^^^^^^^^^^

You want to contribute to other aspects of the VulnerableCode project, and you
cannot find what you are looking for! You can always discuss new topics, ask
questions, and interact with us and other community members on
`AboutCode Gitter <https://gitter.im/aboutcode-org/discuss>`_ and `VulnerableCode Gitter <https://gitter.im/aboutcode-org/vulnerablecode>`_

Helpful Resources
-----------------

- Review our `comprehensive guide <https://scancode-toolkit.readthedocs.io/en/latest/contribute/index.html>`_
  for more details on how to add quality contributions to our codebase and documentation
- Check this free resource on `how to contribute to an open source project on github <https://egghead.io/courses/how-to-contribute-to-an-open-source-project-on-github>`_
- Follow `this wiki page <https://aboutcode.readthedocs.io/en/latest/contributing/writing_good_commit_messages.html>`_
  on how to write good commit messages
- `Pro Git book <https://git-scm.com/book/en/v2>`_
- `How to write a good bug report <https://www.softwaretestinghelp.com/how-to-write-good-bug-report/>`_
