-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
docs(contributing): add contributing docunment to .github
Signed-off-by: gacallea <[email protected]>
- Loading branch information
1 parent
d7aa006
commit 71e464b
Showing
1 changed file
with
164 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,164 @@ | ||
| # CONTRIBUTING | ||
|
|
||
| Thank you for investing your time in contributing to this project! | ||
|
|
||
| Read the [Code of Conduct](./CODE_OF_CONDUCT.md) to keep this community | ||
| approachable and respectable. | ||
|
|
||
| To get an overview of the project's best practices, read the | ||
| [rationale](#rationale). | ||
|
|
||
| In this guide you will get an overview of the contribution workflow from | ||
| opening an issue, creating a PR, reviewing, and merging the PR. | ||
|
|
||
| ## New contributor guide | ||
|
|
||
| Some resources to help you get started with open source contributions: | ||
|
|
||
| - [Finding ways to contribute to open source on | ||
| GitHub](https://docs.github.com/en/get-started/exploring-projects-on-github/finding-ways-to-contribute-to-open-source-on-github) | ||
| - [Set up | ||
| Git](https://docs.github.com/en/get-started/getting-started-with-git/set-up-git) | ||
| - [Collaborating with pull | ||
| requests](https://docs.github.com/en/github/collaborating-with-pull-requests) | ||
|
|
||
| ## Getting started | ||
|
|
||
| This project adheres to [Conventional | ||
| Commits](https://www.conventionalcommits.org/en/v1.0.0/), [Semantic | ||
| Versioning](https://semver.org/spec/v2.0.0.html), and [Keep a | ||
| Changelog](https://keepachangelog.com/en/1.0.0/). This project also strives to | ||
| apply [AppSec](https://www.ibm.com/topics/application-security) [during the | ||
| entire development life cycle](https://www.youtube.com/watch?v=hDvz8KivY_U), as | ||
| best as it can. | ||
|
|
||
| ### Issues | ||
|
|
||
| #### Create a new issue | ||
|
|
||
| If you spot a problem, [search if an issue already | ||
| exists](https://docs.github.com/en/github/searching-for-information-on-github/searching-on-github/searching-issues-and-pull-requests#search-by-the-title-body-or-comments). | ||
| If a related issue doesn't exist, you can open a new issue using a relevant | ||
| [issue | ||
| form](https://github.com/gacallea/freesound-credits/issues/new/choose). | ||
|
|
||
| ### Make changes | ||
|
|
||
| > [!IMPORTANT] | ||
| > Contributors necessarily need installing and perusing tooling | ||
| > locally guaranteeing contracts before committing any changes. | ||
| #### Install requirements | ||
|
|
||
| - [Set up Rust with `rustup`](https://www.rust-lang.org/tools/install) | ||
| - Install [`cargo | ||
| audit`](https://github.com/rustsec/rustsec/blob/main/cargo-audit/README.md): | ||
| `cargo install cargo-audit --locked` | ||
| - Install [`cargo | ||
| auditable`](https://github.com/rust-secure-code/cargo-auditable): `cargo | ||
| install cargo-auditable --locked` | ||
| - Set up a [shell alias for `cargo | ||
| auditable`](https://github.com/rust-secure-code/cargo-auditable?tab=readme-ov-file#can-i-make-cargo-always-build-with-cargo-auditable): | ||
| - Install [`cargo deny`](https://embarkstudios.github.io/cargo-deny/): `cargo | ||
| install --locked cargo-deny` | ||
| - Install [`pre-commit`](https://pre-commit.com): `pip install pre-commit` | ||
| - Install [`trufflehog`](https://trufflesecurity.com/trufflehog): `brew | ||
| install trufflehog` | ||
| - Otherwise, download a binary from [`trufflehog` release | ||
| page](https://github.com/trufflesecurity/trufflehog/releases). | ||
|
|
||
| #### Make changes locally | ||
|
|
||
| - 1 Fork the repository. | ||
|
|
||
| - Using GitHub Desktop: | ||
| - [Getting started with GitHub | ||
| Desktop](https://docs.github.com/en/desktop/installing-and-configuring-github-desktop/getting-started-with-github-desktop) | ||
| will guide you through setting up Desktop. | ||
| - Once you set up Desktop, you can use it to [fork the | ||
| repository](https://docs.github.com/en/desktop/contributing-and-collaborating-using-github-desktop/cloning-and-forking-repositories-from-github-desktop)! | ||
|
|
||
| - Using the command line: | ||
| - [Fork the | ||
| repository](https://docs.github.com/en/github/getting-started-with-github/fork-a-repo#fork-an-example-repository) | ||
| so that you can make your changes without affecting the original project | ||
| until you're ready to merge them. | ||
|
|
||
| - 2 Install `pre-commit` [Git Hooks](https://githooks.com) with `pre-commit | ||
| install --install-hooks` | ||
| - 3 Create a working branch and start with your changes! | ||
|
|
||
| ### Commit your update | ||
|
|
||
| Before committing any changes, make sure `pre-commit run --all-files` returns | ||
| no issues. Should it present any warning or issue: please fix, rinse and | ||
| repeat. | ||
|
|
||
| Once happy with them, commit the changes. Don't forget to use "[Conventional | ||
| Commits](https://www.conventionalcommits.org/en/v1.0.0/#why-use-conventional-commits)". | ||
|
|
||
| ### Pull request | ||
|
|
||
| When you completed the changes, create a pull request, also known as a PR. | ||
|
|
||
| - Fill the "Ready for review" template so that we can review your PR. This | ||
| template helps reviewers understand your changes as well as the purpose of your | ||
| pull request. | ||
| - Don't forget to [link PR to | ||
| issue](https://docs.github.com/en/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue) | ||
| if you are solving one. | ||
| - Enable the checkbox to [allow maintainer | ||
| edits](https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/allowing-changes-to-a-pull-request-branch-created-from-a-fork) | ||
| so the branch can be updated for a merge. Once you submit your PR, a Docs team | ||
| member will review your proposal. We may ask questions or request additional | ||
| information. | ||
| - We may ask for changes to be made before a PR can be merged, either using | ||
| [suggested | ||
| changes](https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/incorporating-feedback-in-your-pull-request) | ||
| or pull request comments. You can apply suggested changes directly through the | ||
| UI. You can make any other changes in your fork, then commit them to your | ||
| branch. | ||
| - As you update your PR and apply changes, mark each conversation as | ||
| [resolved](https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/commenting-on-a-pull-request#resolving-conversations). | ||
| - If you run into any merge issues, checkout this [git | ||
| tutorial](https://github.com/skills/resolve-merge-conflicts) to help you | ||
| resolve merge conflicts and other issues. | ||
|
|
||
| ### Your PR is merged | ||
|
|
||
| Congratulations :tada::tada: The `freesound-credits` team thanks you | ||
| :sparkles:. | ||
|
|
||
| Once your PR is merged, your contributions will be publicly visible on the | ||
| [GitHub docs](https://docs.github.com/en). | ||
|
|
||
| Now that you are part of the GitHub docs community, see how else you can | ||
| [contribute to the docs](/contributing/types-of-contributions.md). | ||
|
|
||
| ## Rationale | ||
|
|
||
| Because [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/), | ||
| [Semantic Versioning](https://semver.org/spec/v2.0.0.html), and [Keep a | ||
| Changelog](https://keepachangelog.com/en/1.0.0/) intertwine and must seamlessly | ||
| work in concert to fully appreciate their benefits, this project relies on: | ||
|
|
||
| - [commitlint](https://github.com/opensource-nepal/commitlint): to guarantee | ||
| all commits adhere to Conventional Commits. | ||
| [release-plz](https://release-plz.ieni.dev): to automate changelog. To handle | ||
| dependency updates, version management, and [crates.io](https://crates.io) | ||
| releases. To invoke [cargo-dist](https://opensource.axo.dev/cargo-dist/) to | ||
| create GitHub releases and packaging for various platforms. | ||
|
|
||
| ### Guaranteeing contracts | ||
|
|
||
| Manually enforcing best practices and guaranteeing contracts in a code base and | ||
| onto contributors befalls under the inadequate and cumbersome category. Thus, | ||
| this project relies on [local tooling](#install-requirements) together with C.I | ||
| pipelines, to make sure any changes pushed to this project repository don't | ||
| break contract. | ||
|
|
||
| Because local development guarantees depend upon contributors abiding to the | ||
| afore requirements, this project relies on GitHub Actions as well. Besides the | ||
| pipelines mirroring the afore requirements, they also updates the Rust and | ||
| GitHub Actions dependencies with | ||
| [`Dependabot`](https://docs.github.com/en/code-security/dependabot). |