1<!--
2
3Thank you for contributing changes to this document! Because we use a central repository
4to synchronize this file across all our repositories, make sure to make your edits
5in the correct file, which you can find here:
6
7https://github.com/ory/meta/blob/master/templates/repository/common/CONTRIBUTING.md
8
9-->
10
11# Contributing to Ory Fosite
12
13<!-- START doctoc generated TOC please keep comment here to allow auto update -->
14<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
15
16- [Introduction](#introduction)
17- [FAQ](#faq)
18- [How can I contribute?](#how-can-i-contribute)
19- [Communication](#communication)
20- [Contributing Code](#contributing-code)
21- [Documentation](#documentation)
22- [Disclosing vulnerabilities](#disclosing-vulnerabilities)
23- [Code Style](#code-style)
24 - [Working with Forks](#working-with-forks)
25- [Conduct](#conduct)
26
27<!-- END doctoc generated TOC please keep comment here to allow auto update -->
28
29## Introduction
30
31There are many ways in which you can contribute, beyond writing code. The goal
32of this document is to provide a high-level overview of how you can get
33involved.
34
35_Please note_: We take Ory Fosite's security and our users' trust very
36seriously. If you believe you have found a security issue in Ory Fosite,
37please responsibly disclose by contacting us at security@ory.sh.
38
39First: As a potential contributor, your changes and ideas are welcome at any
40hour of the day or night, weekdays, weekends, and holidays. Please do not ever
41hesitate to ask a question or send a pull request.
42
43If you are unsure, just ask or submit the issue or pull request anyways. You
44won't be yelled at for giving it your best effort. The worst that can happen is
45that you'll be politely asked to change something. We appreciate any sort of
46contributions, and don't want a wall of rules to get in the way of that.
47
48That said, if you want to ensure that a pull request is likely to be merged,
49talk to us! You can find out our thoughts and ensure that your contribution
50won't clash or be obviated by Ory
51Fosite's normal direction. A great way to
52do this is via
53[Ory Fosite Discussions](https://github.com/orgs/ory/discussions)
54or the [Ory Chat](https://www.ory.sh/chat).
55
56## FAQ
57
58- I am new to the community. Where can I find the
59 [Ory Community Code of Conduct?](https://github.com/ory/fosite/blob/master/CODE_OF_CONDUCT.md)
60
61- I have a question. Where can I get
62 [answers to questions regarding Ory Fosite?](#communication)
63
64- I would like to contribute but I am not sure how. Are there
65 [easy ways to contribute?](#how-can-i-contribute)
66 [Or good first issues?](https://github.com/search?l=&o=desc&q=label%3A%22help+wanted%22+label%3A%22good+first+issue%22+is%3Aopen+user%3Aory+user%3Aory-corp&s=updated&type=Issues)
67
68- I want to talk to other Ory Fosite users.
69 [How can I become a part of the community?](#communication)
70
71- I would like to know what I am agreeing to when I contribute to Ory
72 Fosite.
73 Does Ory have
74 [a Contributors License Agreement?](https://cla-assistant.io/ory/fosite)
75
76- I would like updates about new versions of Ory Fosite.
77 [How are new releases announced?](https://ory.us10.list-manage.com/subscribe?u=ffb1a878e4ec6c0ed312a3480&id=f605a41b53)
78
79## How can I contribute?
80
81If you want to start contributing code right away, we have a
82[list of good first issues](https://github.com/ory/fosite/labels/good%20first%20issue).
83
84There are many other ways you can contribute without writing any code. Here are
85a few things you can do to help out:
86
87- **Give us a star.** It may not seem like much, but it really makes a
88 difference. This is something that everyone can do to help out Ory Fosite.
89 Github stars help the project gain visibility and stand out.
90
91- **Join the community.** Sometimes helping people can be as easy as listening
92 to their problems and offering a different perspective. Join our Slack, have a
93 look at discussions in the forum and take part in our weekly hangout. More
94 info on this in [Communication](#communication).
95
96- **Helping with open issues.** We have a lot of open issues for Ory Fosite
97 and some of them may lack necessary information, some are duplicates of older
98 issues. You can help out by guiding people through the process of filling out
99 the issue template, asking for clarifying information, or pointing them to
100 existing issues that match their description of the problem.
101
102- **Reviewing documentation changes.** Most documentation just needs a review
103 for proper spelling and grammar. If you think a document can be improved in
104 any way, feel free to hit the `edit` button at the top of the page. More info
105 on contributing to documentation [here](#documentation).
106
107- **Help with tests.** Some pull requests may lack proper tests or test plans.
108 These are needed for the change to be implemented safely.
109
110## Communication
111
112We use [Slack](https://www.ory.sh/chat). You are welcome to drop in and ask
113questions, discuss bugs and feature requests, talk to other users of Ory, etc.
114
115Check out [Ory Fosite Discussions](https://github.com/orgs/ory/discussions). This is a great place for
116in-depth discussions and lots of code examples, logs and similar data.
117
118You can also join our community hangout, if you want to speak to the Ory team
119directly or ask some questions. You can find more info on the hangouts in
120[Slack](https://www.ory.sh/chat).
121
122If you want to receive regular notifications about updates to Ory Fosite,
123consider joining the mailing list. We will _only_ send you vital information on
124the projects that you are interested in.
125
126Also [follow us on twitter](https://twitter.com/orycorp).
127
128## Contributing Code
129
130Unless you are fixing a known bug, we **strongly** recommend discussing it with
131the core team via a GitHub issue or [in our chat](https://www.ory.sh/chat)
132before getting started to ensure your work is consistent with Ory Fosite's
133roadmap and architecture.
134
135All contributions are made via pull requests. To make a pull request, you will
136need a GitHub account; if you are unclear on this process, see GitHub's
137documentation on [forking](https://help.github.com/articles/fork-a-repo) and
138[pull requests](https://help.github.com/articles/using-pull-requests). Pull
139requests should be targeted at the `master` branch. Before creating a pull
140request, go through this checklist:
141
1421. Create a feature branch off of `master` so that changes do not get mixed up.
1431. [Rebase](http://git-scm.com/book/en/Git-Branching-Rebasing) your local
144 changes against the `master` branch.
1451. Run the full project test suite with the `go test -tags sqlite ./...` (or
146 equivalent) command and confirm that it passes.
1471. Run `make format` if a `Makefile` is available, `gofmt -s` if the project is
148 written in Go, `npm run format` if the project is written for NodeJS.
1491. Ensure that each commit has a descriptive prefix. This ensures a uniform
150 commit history and helps structure the changelog.
151 Please refer to this
152 [list of prefixes for Fosite](https://github.com/ory/fosite/blob/master/.github/semantic.yml)
153 for an overview.
1541. Sign-up with CircleCI so that it has access to your repository with the
155 branch containing your PR. Simply creating a CircleCI account is sufficient
156 for the CI jobs to run, you do not need to setup a CircleCI project for the
157 branch.
158
159If a pull request is not ready to be reviewed yet
160[it should be marked as a "Draft"](https://docs.github.com/en/github/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request).
161
162Before your contributions can be reviewed you need to sign our
163[Contributor License Agreement](https://cla-assistant.io/ory/fosite).
164
165This agreement defines the terms under which your code is contributed to Ory.
166More specifically it declares that you have the right to, and actually do, grant
167us the rights to use your contribution. You can see the Apache 2.0 license under
168which our projects are published
169[here](https://github.com/ory/meta/blob/master/LICENSE).
170
171When pull requests fail testing, authors are expected to update their pull
172requests to address the failures until the tests pass.
173
174Pull requests eligible for review
175
1761. follow the repository's code formatting conventions;
1772. include tests which prove that the change works as intended and does not add
178 regressions;
1793. document the changes in the code and/or the project's documentation;
1804. pass the CI pipeline;
1815. have signed our
182 [Contributor License Agreement](https://cla-assistant.io/ory/fosite);
1836. include a proper git commit message following the
184 [Conventional Commit Specification](https://www.conventionalcommits.org/en/v1.0.0/).
185
186If all of these items are checked, the pull request is ready to be reviewed and
187you should change the status to "Ready for review" and
188[request review from a maintainer](https://docs.github.com/en/github/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review).
189
190Reviewers will approve the pull request once they are satisfied with the patch.
191
192## Documentation
193
194Please provide documentation when changing, removing, or adding features.
195Documentation resides in the project's
196[docs](https://github.com/ory/fosite/tree/master/docs) folder. Generate API and
197configuration reference documentation using `cd docs; npm run gen`.
198
199For further instructions please head over to
200[docs/README.md](https://github.com/ory/fosite/blob/master/README.md).
201
202## Disclosing vulnerabilities
203
204Please disclose vulnerabilities exclusively to
205[security@ory.sh](mailto:security@ory.sh). Do not use GitHub issues.
206
207## Code Style
208
209Please follow these guidelines when formatting source code:
210
211- Go code should match the output of `gofmt -s` and pass `golangci-lint run`.
212- NodeJS and JavaScript code should be prettified using `npm run format` where
213 appropriate.
214
215### Working with Forks
216
217```
218# First you clone the original repository
219git clone git@github.com:ory/ory/fosite.git
220
221# Next you add a git remote that is your fork:
222git remote add fork git@github.com:<YOUR-GITHUB-USERNAME-HERE>/ory/fosite.git
223
224# Next you fetch the latest changes from origin for master:
225git fetch origin
226git checkout master
227git pull --rebase
228
229# Next you create a new feature branch off of master:
230git checkout my-feature-branch
231
232# Now you do your work and commit your changes:
233git add -A
234git commit -a -m "fix: this is the subject line" -m "This is the body line. Closes #123"
235
236# And the last step is pushing this to your fork
237git push -u fork my-feature-branch
238```
239
240Now go to the project's GitHub Pull Request page and click "New pull request"
241
242## Conduct
243
244Whether you are a regular contributor or a newcomer, we care about making this
245community a safe place for you and we've got your back.
246
247- We are committed to providing a friendly, safe and welcoming environment for
248 all, regardless of gender, sexual orientation, disability, ethnicity,
249 religion, or similar personal characteristic.
250- Please avoid using nicknames that might detract from a friendly, safe and
251 welcoming environment for all.
252- Be kind and courteous. There is no need to be mean or rude.
253- We will exclude you from interaction if you insult, demean or harass anyone.
254 In particular, we do not tolerate behavior that excludes people in socially
255 marginalized groups.
256- Private harassment is also unacceptable. No matter who you are, if you feel
257 you have been or are being harassed or made uncomfortable by a community
258 member, please contact one of the channel ops or a member of the Ory Fosite
259 core team immediately.
260- Likewise any spamming, trolling, flaming, baiting or other attention-stealing
261 behaviour is not welcome.
262
263We welcome discussion about creating a welcoming, safe, and productive
264environment for the community. If you have any questions, feedback, or concerns
265[please let us know](https://www.ory.sh/chat).
View as plain text