First off, thank you for considering contributing to HIBP. It's people like you that make HIBP such a great tool for anyone who needs to check if a given password was previously used in a service that was breached and listed in Have I Been Pwned?.
If you've noticed a bug or have a question, search the issue tracker to see if someone else in the community has already created a ticket. If not, go ahead and make one!
If this is something you think you can fix, then fork HIBP and create a branch with a descriptive name.
A good branch name would be (where issue #123 is the ticket you're working on):
git checkout -b 123-fixing-nasty-issue
Make sure you're using the most recent PHP version:
- This project uses PHP 7.2 or higher
Now install PHP packages using composer:
composer install
At this point you should be able to run the entire test suite using:
./vendor/bin/phpunit
-
Ensure the bug was not already reported by searching all issues.
-
If you're unable to find an open issue addressing the problem, open a new one. Be sure to include a title and clear description, as much relevant information as possible, and a code sample or an executable test case demonstrating the expected behavior that is not occurring.
At this point, you're ready to make your changes! Feel free to ask for help; everyone is a beginner at first 😸
At this point, you should switch back to your master branch and make sure it's up to date with HIBP's master branch:
git remote add upstream [email protected]:dragonbe/hibp.git
git checkout master
git pull upstream master
Then update your feature branch from your local copy of master, and push it!
git checkout 123-update-be-vat-numbers
git rebase master
git push --set-upstream origin 123-fixing-nasty-issue
Replace 123-fixing-nasty-issue
with the branch name you have given yourself.
Finally, go to GitHub and make a Pull Request :D
Travis CI will run our test suite against all supported PHP versions. We care about quality, so your PR won't be merged until all tests pass. It's unlikely, but it's possible that your changes pass tests in one PHP version but fails in another. In that case, you'll have to setup your development environment (as explained in step 3) to use the problematic PHP version, and investigate what's going on!
The PHP containers on Docker HUB might be convenient for this purpose. You might want to make use of them.
If a maintainer asks you to "rebase" your PR, they're saying that a lot of code has changed, and that you need to update your branch so it's easier to merge.
To learn more about rebasing in Git, there are a lot of good resources, but here's the suggested workflow:
git checkout 123-fixing-nasty-issue
git pull --rebase upstream master
git push --force-with-lease 123-fixing-nasty-issue
A PR can only be merged into master by a maintainer if:
- It is passing CI.
- It has been approved by at least two maintainers. If it was a maintainer who opened the PR, only one extra approval is needed.
- It has no requested changes.
- It is up to date with current master.
Any maintainer is allowed to merge a PR if all of these conditions are met.
Maintainers need to do the following to push out a release:
- Make sure all pull requests are in
- Create a stable branch for that release:
This example explains the process to tag a new version on master
, where
upstream
references dragonbe/hibpand 2.0.8
is our latest tag.
git fetch upstream
git checkout master
git pull --rebase upstream master
git tag -a 2.0.9
git push upstream 2.0.9
That's all there is to it.