github.com/khulnasoft/cli@v0.0.0-20240402070845-01bcad7beefa/CONTRIBUTING.md (about) 1 # Contributing to Docker 2 3 This page contains information about reporting issues as well as some tips and 4 guidelines useful to experienced open source contributors. Finally, make sure 5 you read our [community guidelines](#docker-community-guidelines) before you 6 start participating. 7 8 ## Topics 9 10 * [Reporting Security Issues](#reporting-security-issues) 11 * [Design and Cleanup Proposals](#design-and-cleanup-proposals) 12 * [Reporting Issues](#reporting-other-issues) 13 * [Quick Contribution Tips and Guidelines](#quick-contribution-tips-and-guidelines) 14 * [Community Guidelines](#docker-community-guidelines) 15 16 ## Reporting security issues 17 18 The Docker maintainers take security seriously. If you discover a security 19 issue, please bring it to their attention right away! 20 21 Please **DO NOT** file a public issue, instead send your report privately to 22 [security@docker.com](mailto:security@docker.com). 23 24 Security reports are greatly appreciated and we will publicly thank you for it. 25 We also like to send gifts—if you're into Docker schwag, make sure to let 26 us know. We currently do not offer a paid security bounty program, but are not 27 ruling it out in the future. 28 29 30 ## Reporting other issues 31 32 A great way to contribute to the project is to send a detailed report when you 33 encounter an issue. We always appreciate a well-written, thorough bug report, 34 and will thank you for it! 35 36 Check that [our issue database](https://github.com/khulnasoft/cli/issues) 37 doesn't already include that problem or suggestion before submitting an issue. 38 If you find a match, you can use the "subscribe" button to get notified on 39 updates. Do *not* leave random "+1" or "I have this too" comments, as they 40 only clutter the discussion, and don't help resolving it. However, if you 41 have ways to reproduce the issue or have additional information that may help 42 resolving the issue, please leave a comment. 43 44 When reporting issues, always include: 45 46 * The output of `docker version`. 47 * The output of `docker info`. 48 49 Also include the steps required to reproduce the problem if possible and 50 applicable. This information will help us review and fix your issue faster. 51 When sending lengthy log-files, consider posting them as a gist (https://gist.github.com). 52 Don't forget to remove sensitive data from your logfiles before posting (you can 53 replace those parts with "REDACTED"). 54 55 ## Quick contribution tips and guidelines 56 57 This section gives the experienced contributor some tips and guidelines. 58 59 ### Pull requests are always welcome 60 61 Not sure if that typo is worth a pull request? Found a bug and know how to fix 62 it? Do it! We will appreciate it. Any significant improvement should be 63 documented as [a GitHub issue](https://github.com/khulnasoft/cli/issues) before 64 anybody starts working on it. 65 66 We are always thrilled to receive pull requests. We do our best to process them 67 quickly. If your pull request is not accepted on the first try, 68 don't get discouraged! Our contributor's guide explains [the review process we 69 use for simple changes](https://docs.docker.com/opensource/workflow/make-a-contribution/). 70 71 ### Talking to other Docker users and contributors 72 73 <table class="tg"> 74 <col width="45%"> 75 <col width="65%"> 76 <tr> 77 <td>Forums</td> 78 <td> 79 A public forum for users to discuss questions and explore current design patterns and 80 best practices about Docker and related projects in the Docker Ecosystem. To participate, 81 just log in with your Docker Hub account on <a href="https://forums.docker.com" target="_blank">https://forums.docker.com</a>. 82 </td> 83 </tr> 84 <tr> 85 <td>Community Slack</td> 86 <td> 87 The Docker Community has a dedicated Slack chat to discuss features and issues. You can sign-up <a href="https://dockr.ly/comm-slack" target="_blank">with this link</a>. 88 </td> 89 </tr> 90 <tr> 91 <td>Twitter</td> 92 <td> 93 You can follow <a href="https://twitter.com/docker/" target="_blank">Docker's Twitter feed</a> 94 to get updates on our products. You can also tweet us questions or just 95 share blogs or stories. 96 </td> 97 </tr> 98 <tr> 99 <td>Stack Overflow</td> 100 <td> 101 Stack Overflow has over 17000 Docker questions listed. We regularly 102 monitor <a href="https://stackoverflow.com/search?tab=newest&q=docker" target="_blank">Docker questions</a> 103 and so do many other knowledgeable Docker users. 104 </td> 105 </tr> 106 </table> 107 108 109 ### Conventions 110 111 Fork the repository and make changes on your fork in a feature branch: 112 113 - If it's a bug fix branch, name it XXXX-something where XXXX is the number of 114 the issue. 115 - If it's a feature branch, create an enhancement issue to announce 116 your intentions, and name it XXXX-something where XXXX is the number of the 117 issue. 118 119 Submit unit tests for your changes. Go has a great test framework built in; use 120 it! Take a look at existing tests for inspiration. [Run the full test 121 suite](README.md) on your branch before 122 submitting a pull request. 123 124 Update the documentation when creating or modifying features. Test your 125 documentation changes for clarity, concision, and correctness, as well as a 126 clean documentation build. See our contributors guide for [our style 127 guide](https://docs.docker.com/opensource/doc-style) and instructions on [building 128 the documentation](https://docs.docker.com/opensource/project/test-and-docs/#build-and-test-the-documentation). 129 130 Write clean code. Universally formatted code promotes ease of writing, reading, 131 and maintenance. Always run `gofmt -s -w file.go` on each changed file before 132 committing your changes. Most editors have plug-ins that do this automatically. 133 134 Pull request descriptions should be as clear as possible and include a reference 135 to all the issues that they address. 136 137 Commit messages must start with a capitalized and short summary (max. 50 chars) 138 written in the imperative, followed by an optional, more detailed explanatory 139 text which is separated from the summary by an empty line. 140 141 Code review comments may be added to your pull request. Discuss, then make the 142 suggested modifications and push additional commits to your feature branch. Post 143 a comment after pushing. New commits show up in the pull request automatically, 144 but the reviewers are notified only when you comment. 145 146 Pull requests must be cleanly rebased on top of master without multiple branches 147 mixed into the PR. 148 149 **Git tip**: If your PR no longer merges cleanly, use `rebase master` in your 150 feature branch to update your pull request rather than `merge master`. 151 152 Before you make a pull request, squash your commits into logical units of work 153 using `git rebase -i` and `git push -f`. A logical unit of work is a consistent 154 set of patches that should be reviewed together: for example, upgrading the 155 version of a vendored dependency and taking advantage of its now available new 156 feature constitute two separate units of work. Implementing a new function and 157 calling it in another file constitute a single logical unit of work. The very 158 high majority of submissions should have a single commit, so if in doubt: squash 159 down to one. 160 161 After every commit, make sure the test suite passes. Include documentation 162 changes in the same pull request so that a revert would remove all traces of 163 the feature or fix. 164 165 Include an issue reference like `Closes #XXXX` or `Fixes #XXXX` in the pull request 166 description that close an issue. Including references automatically closes the issue 167 on a merge. 168 169 Please do not add yourself to the `AUTHORS` file, as it is regenerated regularly 170 from the Git history. 171 172 Please see the [Coding Style](#coding-style) for further guidelines. 173 174 ### Merge approval 175 176 Docker maintainers use LGTM (Looks Good To Me) in comments on the code review to 177 indicate acceptance. 178 179 A change requires LGTMs from an absolute majority of the maintainers of each 180 component affected. For example, if a change affects `docs/` and `registry/`, it 181 needs an absolute majority from the maintainers of `docs/` AND, separately, an 182 absolute majority of the maintainers of `registry/`. 183 184 For more details, see the [MAINTAINERS](MAINTAINERS) page. 185 186 ### Sign your work 187 188 The sign-off is a simple line at the end of the explanation for the patch. Your 189 signature certifies that you wrote the patch or otherwise have the right to pass 190 it on as an open-source patch. The rules are pretty simple: if you can certify 191 the below (from [developercertificate.org](https://developercertificate.org): 192 193 ``` 194 Developer Certificate of Origin 195 Version 1.1 196 197 Copyright (C) 2004, 2006 The Linux Foundation and its contributors. 198 660 York Street, Suite 102, 199 San Francisco, CA 94110 USA 200 201 Everyone is permitted to copy and distribute verbatim copies of this 202 license document, but changing it is not allowed. 203 204 Developer's Certificate of Origin 1.1 205 206 By making a contribution to this project, I certify that: 207 208 (a) The contribution was created in whole or in part by me and I 209 have the right to submit it under the open source license 210 indicated in the file; or 211 212 (b) The contribution is based upon previous work that, to the best 213 of my knowledge, is covered under an appropriate open source 214 license and I have the right under that license to submit that 215 work with modifications, whether created in whole or in part 216 by me, under the same open source license (unless I am 217 permitted to submit under a different license), as indicated 218 in the file; or 219 220 (c) The contribution was provided directly to me by some other 221 person who certified (a), (b) or (c) and I have not modified 222 it. 223 224 (d) I understand and agree that this project and the contribution 225 are public and that a record of the contribution (including all 226 personal information I submit with it, including my sign-off) is 227 maintained indefinitely and may be redistributed consistent with 228 this project or the open source license(s) involved. 229 ``` 230 231 Then you just add a line to every git commit message: 232 233 Signed-off-by: Joe Smith <joe.smith@email.com> 234 235 Use your real name (sorry, no pseudonyms or anonymous contributions.) 236 237 If you set your `user.name` and `user.email` git configs, you can sign your 238 commit automatically with `git commit -s`. 239 240 ### How can I become a maintainer? 241 242 The procedures for adding new maintainers are explained in the 243 global [MAINTAINERS](https://github.com/docker/opensource/blob/master/MAINTAINERS) 244 file in the [https://github.com/docker/opensource/](https://github.com/docker/opensource/) 245 repository. 246 247 Don't forget: being a maintainer is a time investment. Make sure you 248 will have time to make yourself available. You don't have to be a 249 maintainer to make a difference on the project! 250 251 ## Docker community guidelines 252 253 We want to keep the Docker community awesome, growing and collaborative. We need 254 your help to keep it that way. To help with this we've come up with some general 255 guidelines for the community as a whole: 256 257 * Be nice: Be courteous, respectful and polite to fellow community members: 258 no regional, racial, gender, or other abuse will be tolerated. We like 259 nice people way better than mean ones! 260 261 * Encourage diversity and participation: Make everyone in our community feel 262 welcome, regardless of their background and the extent of their 263 contributions, and do everything possible to encourage participation in 264 our community. 265 266 * Keep it legal: Basically, don't get us in trouble. Share only content that 267 you own, do not share private or sensitive information, and don't break 268 the law. 269 270 * Stay on topic: Make sure that you are posting to the correct channel and 271 avoid off-topic discussions. Remember when you update an issue or respond 272 to an email you are potentially sending to a large number of people. Please 273 consider this before you update. Also remember that nobody likes spam. 274 275 * Don't send email to the maintainers: There's no need to send email to the 276 maintainers to ask them to investigate an issue or to take a look at a 277 pull request. Instead of sending an email, GitHub mentions should be 278 used to ping maintainers to review a pull request, a proposal or an 279 issue. 280 281 ### Guideline violations — 3 strikes method 282 283 The point of this section is not to find opportunities to punish people, but we 284 do need a fair way to deal with people who are making our community suck. 285 286 1. First occurrence: We'll give you a friendly, but public reminder that the 287 behavior is inappropriate according to our guidelines. 288 289 2. Second occurrence: We will send you a private message with a warning that 290 any additional violations will result in removal from the community. 291 292 3. Third occurrence: Depending on the violation, we may need to delete or ban 293 your account. 294 295 **Notes:** 296 297 * Obvious spammers are banned on first occurrence. If we don't do this, we'll 298 have spam all over the place. 299 300 * Violations are forgiven after 6 months of good behavior, and we won't hold a 301 grudge. 302 303 * People who commit minor infractions will get some education, rather than 304 hammering them in the 3 strikes process. 305 306 * The rules apply equally to everyone in the community, no matter how much 307 you've contributed. 308 309 * Extreme violations of a threatening, abusive, destructive or illegal nature 310 will be addressed immediately and are not subject to 3 strikes or forgiveness. 311 312 * Contact abuse@docker.com to report abuse or appeal violations. In the case of 313 appeals, we know that mistakes happen, and we'll work with you to come up with a 314 fair solution if there has been a misunderstanding. 315 316 ## Coding Style 317 318 Unless explicitly stated, we follow all coding guidelines from the Go 319 community. While some of these standards may seem arbitrary, they somehow seem 320 to result in a solid, consistent codebase. 321 322 It is possible that the code base does not currently comply with these 323 guidelines. We are not looking for a massive PR that fixes this, since that 324 goes against the spirit of the guidelines. All new contributions should make a 325 best effort to clean up and make the code base better than they left it. 326 Obviously, apply your best judgement. Remember, the goal here is to make the 327 code base easier for humans to navigate and understand. Always keep that in 328 mind when nudging others to comply. 329 330 The rules: 331 332 1. All code should be formatted with `gofumpt` (preferred) or `gofmt -s`. 333 2. All code should pass the default levels of 334 [`golint`](https://github.com/golang/lint). 335 3. All code should follow the guidelines covered in [Effective Go](https://go.dev/doc/effective_go) 336 and [Go Code Review Comments](https://github.com/golang/go/wiki/CodeReviewComments). 337 4. Comment the code. Tell us the why, the history and the context. 338 5. Document _all_ declarations and methods, even private ones. Declare 339 expectations, caveats and anything else that may be important. If a type 340 gets exported, having the comments already there will ensure it's ready. 341 6. Variable name length should be proportional to its context and no longer. 342 `noCommaALongVariableNameLikeThisIsNotMoreClearWhenASimpleCommentWouldDo`. 343 In practice, short methods will have short variable names and globals will 344 have longer names. 345 7. No underscores in package names. If you need a compound name, step back, 346 and re-examine why you need a compound name. If you still think you need a 347 compound name, lose the underscore. 348 8. No utils or helpers packages. If a function is not general enough to 349 warrant its own package, it has not been written generally enough to be a 350 part of a util package. Just leave it unexported and well-documented. 351 9. All tests should run with `go test` and outside tooling should not be 352 required. No, we don't need another unit testing framework. Assertion 353 packages are acceptable if they provide _real_ incremental value. 354 10. Even though we call these "rules" above, they are actually just 355 guidelines. Since you've read all the rules, you now know that. 356 357 If you are having trouble getting into the mood of idiomatic Go, we recommend 358 reading through [Effective Go](https://go.dev/doc/effective_go). The 359 [Go Blog](https://go.dev/blog/) is also a great resource. Drinking the 360 kool-aid is a lot easier than going thirsty.