Please feel free to make contributions to DetectionLab that fit into any of the following categories:
- Bug fixes
- Improvements to existing configurations
- Feature additions/enhancements
- Tooling additions/improvements
The following types of changes should be maintained on a personal fork and should not be submitted as a PR:
- Switching out existing tooling based on personal taste (e.g. replacing Splunk with ELK)
- Adding additional Boxes/VMs
- Any changes that result in drastically longer build times
- Any configurations that are not portable
All contributions are submitted via pull requests opened against the master branch. All pull requests are reviewed and must pass continuous integration tests before being merged.
If you're unfamiliar with GitHub or how pull requests work, GitHub has a very easy-to-follow guide that teaches you how to fork the project and submit your first PR. You can follow it here.
Once you submit your PR, it will be held for approval until someone manually approves the CI test on CircleCI.
If the test fails or the reviewer requests changes, please submit those changes by appending new commits to your feature branch.
Once your pull request is approved and the CircleCI build passes, the PR is ready to merge. A maintainer will merge your PR into master at that point.
The DetectionLab repo contains only the master branch. I don't keep feature or release branches.
By contributing to DetectionLab you agree that your contributions will be licensed as defined in the LICENSE file.