diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 55acb5a3c..4fb8cd92a 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,8 +1,8 @@ # Contributing Guide # Thank you for your interest in contributing to Penpot. This is a -generic guide that details how to contribute to Penpot in a way that is -efficient for everyone. If you want a specific documentation for +generic guide that details how to contribute to Penpot in a way that +is efficient for everyone. If you want a specific documentation for different parts of the platform, please refer to `docs/` directory. @@ -19,6 +19,14 @@ If you found a bug, please report it, as far as possible with: - a browser and the browser version used - a dev tools console exception stack trace (if it is available) +If you found a bug that you consider better discuse in private (for +example: security bugs), consider first send an email to +`info@penpot.app`. + +**We don't have formal bug bounty program for security reports; this +is an open source application and your contribution will be recognized +in the changelog.** + ## Pull requests ## @@ -127,7 +135,7 @@ This Code of Conduct is adapted from the Contributor Covenant, version 1.1.0, available from http://contributor-covenant.org/version/1/1/0/ -## Contributor License Agreement ## +## Developer's Certificate of Origin (DCO) ## By submitting code you are agree and can certify the below: @@ -157,9 +165,9 @@ By submitting code you are agree and can certify the below: maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. -Then, all your patches should contain a sign-off at the end of the -patch/commit description body. It can be automatically added on adding -`-s` parameter to `git commit`. +Then, all your code patches (**documentation are excluded**) should +contain a sign-off at the end of the patch/commit description body. It +can be automatically added on adding `-s` parameter to `git commit`. This is an example of the aspect of the line: