A big welcome and thank you for considering contributing to the Desktop Security Center and Ubuntu! It’s people like you that make it a reality for users in our community.
Reading and following these guidelines will help us make the contribution process easy and effective for everyone involved. It also communicates that you agree to respect the time of the developers managing and developing this project. In return, we will reciprocate that respect by addressing your issue, assessing changes, and helping you finalize your pull requests.
These are mostly guidelines, not rules. Use your best judgment, and feel free to propose changes to this document in a pull request.
- Code of Conduct
- Getting Started
- Issues
- Pull Requests
- Contributing to the code
- Contributor License Agreement
- Getting Help
We take our community seriously and hold ourselves and other contributors to high standards of communication. By participating and contributing to this project, you agree to uphold our Code of Conduct.
Contributions are made to this project via Issues and Pull Requests (PRs). A few general guidelines that cover both:
- To report security vulnerabilities, please use the advisories page of the
repository and not a public bug report. Please use launchpad private
bugs
which is monitored by our security team. On ubuntu machine, it’s best to use
ubuntu-bug desktop-security-center
to collect relevant information. FIXME: snap? - Search for existing Issues and PRs on this repository before creating your own.
- We work hard to makes sure issues are handled in a timely manner but, depending on the impact, it could take a while to investigate the root cause. A friendly ping in the comment thread to the submitter or a contributor can help draw attention if your issue is blocking.
- If you've never contributed before, see this Ubuntu discourse post for resources and tips on how to get started.
Issues should be used to report problems with the software, request a new feature, or to discuss potential changes before a PR is created. When you create a new Issue, a template will be loaded that will guide you through collecting and providing the information we need to investigate.
If you find an Issue that addresses the problem you're having, please add your own reproduction information to the existing issue rather than creating a new one. Adding a reaction can also help be indicating to our maintainers that a particular problem is affecting more than just the reporter.
PRs to our project are always welcome and can be a quick way to get your fix or improvement slated for the next release. In general, PRs should:
- Only fix/add the functionality in question OR address wide-spread whitespace/style issues, not both.
- Add unit or integration tests for fixed or changed functionality.
- Address a single concern in the least number of changed lines as possible.
- Include documentation in the repo or on our docs site.
- Be accompanied by a complete Pull Request template (loaded automatically when a PR is created).
For changes that address core functionality or would require breaking changes (e.g. a major release), it's best to open an Issue to discuss your proposal first. This is not required but can save time creating and reviewing changes.
In general, we follow the "fork-and-pull" Git workflow
- Fork the repository to your own Github account
- Clone the project to your machine
- Create a branch locally with a succinct but descriptive name
- Commit changes to the branch
- Following any formatting and testing guidelines specific to this repo
- Push changes to your fork
- Open a PR in our repository and follow the PR template so that we can efficiently review the changes.
PRs will trigger unit and integration tests with and without race detection, linting and formatting validations, static and security checks, freshness of generated files verification. All the tests must pass before merging in main branch.
Once merged to the main branch, po
files and any documentation change will be
automatically updated. Those are thus not necessary in the pull request itself
to minimize diff review.
Install Flutter - the
currently used version is specified in .fvmrc
. If you're using
fvm to manage your Flutter SDK, you can simply run fvm install
to install the required version.
Install the Flutter Linux prerequisites
We provide a Melos configuration to make it straightforward to execute common tasks.
Install fvm (you can also install it from the scripts directory in the repository):
curl -fsSL https://fvm.app/install.sh | bash
Install Melos:
dart pub global activate melos
Bootstrap the monorepo:
melos bootstrap
melos bootstrap
connects all the local packages/apps to each other with the
help of pubspec_overrides.yaml
files, and it also runs pub get
in all
packages/apps.
You can run the application with
fvm flutter run
and build a release version with
melos build
The project includes a comprehensive test suite. All the tests must pass before the review is considered. If you have troubles with the testsuite, feel free to mention it on your PR description.
The test suite uses the mockito framework to generate mocks. If you modify existing tests or add new ones, you might need to regenerate the mocks by running
melos generate
You can run the tests with
melos test
The test suite must pass before merging the PR to our main branch. Any new feature, change or fix must be covered by corresponding tests.
This project follow the Flutter code-style. For more informative information about the code style in use, please check:
It is required to sign the Contributor License Agreement in order to contribute to this project.
An automated test is executed on PRs to check if it has been accepted.
This project is covered by GPL-3.
Join us in the Ubuntu Community and post your question there with a descriptive tag.