A structured process to create and share vulnerability data is work in progress.
Until it is defined, we invite you to just create pull requests in order to submit new vulnerability data, using and existing statement as a template. You should provide, at least the vulnerability identifier, the URL of the source code repository of the affected component and one or more identifiers of the commits used to fix the vulnerability.
-
Ensure the bug was not already reported by searching on GitHub under Issues.
-
If you're unable to find an open issue that addresses the problem, open a new one. Be sure to include a title and clear description, as much relevant information as possible, and a code sample or an executable test case demonstrating the expected behavior that is not occurring.
- Open a new GitHub pull request with the patch.
- Ensure the PR description clearly describes the problem and solution. Include the relevant issue number if applicable.
- Add one or more test cases as appropriate
- Make sure all other tests and checks still pass (that is, run
make checkin thekaybeefolder; it should succeed)
Changes that are cosmetic in nature and do not add anything substantial to the stability, functionality, or testability are accepted at this time.
- Suggest your change by creating an issue and start writing code in your own
fork and make a PR when ready. Please make sure you provide tests for your
code, and ensure you can successfully execute
make check(in thekaybeefolder) with no errors and that you include adequate documentation in your code.
- For now, file an issue (we consider that the need of clarifications at this stage indicates missing or inadequate documentation).
You are most welcome to do so, project "KB" needs every one of you to succeed, every drop matters!
Thanks! ❤️ ❤️ ❤️
The project "KB" team