Third-party patches are essential for keeping bluemonday secure and offering the features developers want. However there are a few guidelines that we need contributors to follow so that we can maintain the quality of work that developers who use bluemonday expect.
If you are reporting a security flaw, you may expect that we will provide the code to fix it for you. Otherwise you may want to submit a pull request to ensure the resolution is applied sooner rather than later:
go test -v ./...or
make testand ensure all tests pass
gofmt -w ./$*or
go tool vet *.goor
make vetand resolve any issues
go get -u github.com/golang/lint/golintand run vet
make lintand resolve every warning
Closes #6in the pull request comment to close issue #6 when the pull request is accepted
Once you have submitted a pull request, we may merge it without changes. If we have any comments or feedback, or need you to make changes to your pull request we will update the Github pull request or the associated issue. We expect responses from you within two weeks, and we may close the pull request is there is no activity.
But we do need to know that we can accept and merge your contributions, so for now the act of contributing a pull request should be considered equivalent to agreeing to a contributor licence agreement, specifically:
You accept that the act of submitting code to the bluemonday project is to grant a copyright licence to the project that is perpetual, worldwide, non-exclusive, no-charge, royalty free and irrevocable.
You accept that all who comply with the licence of the project (BSD 3-clause) are permitted to use your contributions to the project.
You accept, and by submitting code do declare, that you have the legal right to grant such a licence to the project and that each of the contributions is your own original creation.