1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
Contributing to Rails Html Sanitizers
=====================
[](https://github.com/rails/rails-html-sanitizer/actions/workflows/ci.yml)
Rails Html Sanitizers is work of [many contributors](https://github.com/rails/rails-html-sanitizer/graphs/contributors). You're encouraged to submit [pull requests](https://github.com/rails/rails-html-sanitizer/pulls), [propose features and discuss issues](https://github.com/rails/rails-html-sanitizer/issues).
### How to submit a pull request
#### Fork the Project
Fork the [project on Github](https://github.com/rails/rails-html-sanitizer) and check out your copy.
```
git clone https://github.com/contributor/rails-html-sanitizer.git
cd rails-html-sanitizer
git remote add upstream https://github.com/rails/rails-html-sanitizer.git
```
#### Create a Topic Branch
Make sure your fork is up-to-date and create a topic branch for your feature or bug fix.
```
git checkout main
git pull upstream main
git checkout -b my-feature-branch
```
#### Bundle Install and Test
Ensure that you can build the project and run tests.
```
bundle install
bundle exec rake test
```
#### Write Tests
Try to write a test that reproduces the problem you're trying to fix or describes a feature that you want to build. Add to [test](test).
We definitely appreciate pull requests that highlight or reproduce a problem, even without a fix.
#### Write Code
Implement your feature or bug fix.
Make sure that `bundle exec rake test` completes without errors.
#### Write Documentation
Document any external behavior in the [README](README.md).
#### Commit Changes
Make sure git knows your name and email address:
```
git config --global user.name "Your Name"
git config --global user.email "contributor@example.com"
```
Writing good commit logs is important. A commit log should describe what changed and why.
```
git add ...
git commit
```
#### Push
```
git push origin my-feature-branch
```
#### Make a Pull Request
Go to https://github.com/contributor/rails-html-sanitizer and select your feature branch. Click the 'Pull Request' button and fill out the form. Pull requests are usually reviewed within a few days.
#### Rebase
If you've been working on a change for a while, rebase with upstream/main.
```
git fetch upstream
git rebase upstream/main
git push origin my-feature-branch -f
```
#### Check on Your Pull Request
Go back to your pull request after a few minutes and see whether it passed muster with CI. Everything should look green, otherwise fix issues and amend your commit as described above.
#### Be Patient
It's likely that your change will not be merged and that the nitpicky maintainers will ask you to do more, or fix seemingly benign problems. Hang on there!
#### Thank You
Please do know that we really appreciate and value your time and work. We love you, really.
### How to cut a release
A quick checklist:
- [ ] make sure CI is green! https://github.com/rails/rails-html-sanitizer/actions/workflows/ci.yml
- [ ] update `CHANGELOG.md` and `lib/rails/html/sanitizer/version.rb`
- [ ] run `bundle exec rake build`
- [ ] create a git tag
- [ ] `git push && git push --tags`
- [ ] `gem push pkg/*.gem`
- [ ] create a release at https://github.com/rails/rails-html-sanitizer/releases
- if security-related,
- [ ] publish the CVE
- [ ] post to https://discuss.rubyonrails.org/c/security-announcements
- [ ] submit a PR to https://github.com/rubysec/ruby-advisory-db
|
