This website does readability filtering of other pages. All styles, scripts, forms and ads are stripped. If you want your website excluded or have other feedback, use this form.

metasploit-framework/CONTRIBUTING.md at master · rapid7/metasploit-framework · GitHub

Skip to content

Sign in Sign up

rapid7/metasploit-framework

Permalink

Join GitHub today

GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.

Sign up Switch branches/tags
4.x GSoC/Meterpreter_Web_Console MS-2855/keylogger-mettle-extension bug/bundler_fix d215aeb5 gh-pages master unstable Nothing to show v4.11.7 sprint-G08 sprint-G07 sprint-G06 sprint-G05 sprint-G04 sprint-G03 sprint-G02 sprint-G01 sprint-G00 sprint-F09 sprint-F08 sprint-F07 sprint-F06 sprint-F05 sprint-F04 sprint-F03 sprint-F02 sprint-F01 sprint-F00 sprint-E07 sprint-E06 sprint-E05 sprint-E04 sprint-E03 sprint-E02 sprint-E01 sprint-E00 sprint-D08 sprint-D07 sprint-D06 sprint-D05 sprint-D04 sprint-D03 sprint-D02 sprint-D01 sprint-D00 sprint-C06 sprint-C05 sprint-C04 sprint-C03 sprint-C02 sprint-C01 sprint-C00 sprint-B06 sprint-B05 sprint-B04 sprint-B03 sprint-B02 sprint-B01 sprint-B00 sprint-A07 sprint-A06 sprint-A05 sprint-A04 sprint-A03 sprint-A02 sprint-A01 show hard-tabs cthulhutp blog-20151007 blog-20150827 blog-20150813 blog-20150730 blog-20150723 blog-20150702 blog-20150626 blog-20150618 blog-20150612 blog-20150604 blog-20150528 blog-20150522 blog-20150506 blog-20150327 blog-20150320 blog-20150311 blog-20150305 blog-20150226 blog-20150219 blog-20150212 blog-20150205 2015071402 2015070901 2015063001 2015051401 2015050601 2015042001 2015041601 2015040202 2015032401 2015031701 2015031001 2015030501 2015022303 2015022302 2015022301 2015021901 2015021201 2015013101 Nothing to show Find file Copy path metasploit-framework/CONTRIBUTING.md 16d7c05 Dec 13, 2018 ccondon-r7 Update CONTRIBUTING.md 4 contributors

Users who have contributed to this file

Raw Blame History 102 lines (81 sloc) 5.75 KB

Hello, World!

Thanks for your interest in making Metasploit -- and therefore, the world -- a better place! Before you get started, review our Code of Conduct. There are mutliple ways to help beyond just writing code:

Contributing to Metasploit

Here's a short list of do's and don'ts to make sure your valuable contributions actually make it into Metasploit's master branch. If you do not care to follow these rules, your contribution will be closed. Sorry!

Code Contributions

  • Do stick to the Ruby style guide and use Rubocop to find common style issues.
  • Do follow the 50/72 rule for Git commit messages.
  • Do license your code as BSD 3-clause, BSD 2-clause, or MIT.
  • Do create a topic branch to work on instead of working directly on master to preserve the history of your pull request. See PR#8000 for an example of losing commit history as soon as you update your own master branch.

Pull Requests

  • Do target your pull request to the master branch.
  • Do specify a descriptive title to make searching for your pull request easier.
  • Do include console output, especially for witnessable effects in msfconsole.
  • Do list verification steps so your code is testable.
  • Do reference associated issues in your pull request description.
  • Don't leave your pull request description blank.
  • Don't abandon your pull request. Being responsive helps us land your code faster.

Pull request PR#9966 is a good example to follow.

New Modules

  • Do set up msftidy to fix any errors or warnings that come up as a pre-commit hook.
  • Do use the many module mixin APIs.
  • Don't include more than one module per pull request.
  • Do include instructions on how to setup the vulnerable environment or software.
  • Do include Module Documentation showing sample run-throughs.
  • Don't submit new scripts. Scripts are shipped as examples for automating local tasks, and anything "serious" can be done with post modules and local exploits.

Library Code

  • Do write RSpec tests - even the smallest change in a library can break existing code.
  • Do follow Better Specs - it's like the style guide for specs.
  • Do write YARD documentation - this makes it easier for people to use your code.
  • Don't fix a lot of things in one pull request. Small fixes are easier to validate.

Bug Fixes

  • Do include reproduction steps in the form of verification steps.
  • Do link to any corresponding Issues in the format of See #1234 in your commit description.

Bug Reports

Please report vulnerabilities in Rapid7 software directly to [email protected]. For more on our disclosure policy and Rapid7's approach to coordinated disclosure, head over here.

When reporting Metasploit issues:

  • Do write a detailed description of your bug and use a descriptive title.
  • Do include reproduction steps, stack traces, and anything that might help us fix your bug.
  • Don't file duplicate reports; search for your bug before filing a new report.

If you need some more guidance, talk to the main body of open source contributors over on our Metasploit Slack or #metasploit on Freenode IRC.

Finally, thank you for taking the few moments to read this far! You're already way ahead of the curve, so keep it up!

You can’t perform that action at this time. You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. Press h to open a hovercard with more details.