From 0568e98520584844e17b49a558bb54e3821dbe25 Mon Sep 17 00:00:00 2001 From: ljstella Date: Thu, 18 Jul 2024 09:57:10 -0500 Subject: [PATCH 1/6] Updated precommit config --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index b46d0df484..e6d69ec8da 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,6 +1,6 @@ repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v2.1.0 # Use the ref you want to point at + rev: v4.6.0 # Use the ref you want to point at hooks: - id: check-executables-have-shebangs exclude: 'package/bin/da_ess_contentupdate/|package/bin/splunklib/|venv/' From 71ce8f8f8da5a80d852f52a624193941c454db9e Mon Sep 17 00:00:00 2001 From: ljstella Date: Mon, 22 Jul 2024 07:50:51 -0500 Subject: [PATCH 2/6] Added new hooks --- .pre-commit-config.yaml | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index e6d69ec8da..82acb2c4d9 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,12 +1,15 @@ repos: -- repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.6.0 # Use the ref you want to point at - hooks: - - id: check-executables-have-shebangs - exclude: 'package/bin/da_ess_contentupdate/|package/bin/splunklib/|venv/' - - id: check-json - - id: check-symlinks - - id: check-yaml - - id: pretty-format-json - args: [--autofix] - - id: requirements-txt-fixer + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.6.0 # Use the ref you want to point at + hooks: + - id: check-executables-have-shebangs + exclude: "package/bin/da_ess_contentupdate/|package/bin/splunklib/|venv/" + - id: check-json + - id: check-symlinks + - id: check-yaml + - id: pretty-format-json + args: [--autofix] + - id: requirements-txt-fixer + - id: detect-aws-credentials + - id: detect-private-key + - id: forbid-submodules From 0f81e4a6ea58aa5c3271eb12d9ed81f4d7132f53 Mon Sep 17 00:00:00 2001 From: ljstella Date: Mon, 22 Jul 2024 07:51:12 -0500 Subject: [PATCH 3/6] Adding CONTRIBUTING.md --- .github/CONTRIBUTING.md | 128 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 128 insertions(+) create mode 100644 .github/CONTRIBUTING.md diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md new file mode 100644 index 0000000000..9963d625c2 --- /dev/null +++ b/.github/CONTRIBUTING.md @@ -0,0 +1,128 @@ +This document is the single source of truth on how to contribute to this codebase. Please feel free to browse the open issues and file new ones. All feedback is welcome! + +---- + +## Topics + +* [Prerequisites](#prerequisites) + * [Contributor License Agreement](#contributor-license-agreement) + * [Code of Conduct](#code-of-conduct) + * [Setup Development Environment](#setup-development-environment) +* [Contribution Workflow](#contribution-workflow) + * [Feature Requests and Bug Reports](#feature-requests-and-bug-reports) + * [Fixing Issues](#fixing-issues) + * [Pull Requests](#pull-requests) + * [Code Review](#code-review) + * [Documentation](#documentation) +* [Maintainers](#maintainers) + +---- + +## Prerequisites +When contributing to this repository, please first discuss the change you wish to make via a GitHub issue, Slack message, email, or via other channels with the owners of this repository. + +##### Contributor License Agreement +At the moment, we can only accept pull requests submitted from either: +* Splunk employees or +* Individuals that have signed our contributors' agreement + +If you wish to be a contributing member of our community, please see the agreement [for individuals](https://www.splunk.com/goto/individualcontributions) or [for organizations](https://www.splunk.com/goto/contributions). + +##### Code of Conduct +Please make sure to read and observe our [Code of Conduct](https://github.com/splunk/security_content/wiki/Code-of-Conduct). Please follow it in all of your interactions involving the project. + +##### Setup Development Environment +see [Developing Content](https://github.com/splunk/security_content/wiki/Developing-Content) + +## Contribution Workflow +Help is always welcome! For example, documentation can always use improvement. There's always code that can be clarified, functionality that can be extended, and tests to be added to guarantee behavior. If you see something you think should be fixed, don't be afraid to own it. + +##### Feature Requests and Bug Reports +Have ideas on improvements? See something that needs work? While the community encourages everyone to contribute code, it is also appreciated when someone reports an issue. Please report any issues or bugs you find through [GitHub's issue tracker](https://github.com/splunk/security_content/issues). + +If you are reporting a bug, please include: + +* Your operating system name and version +* Any details about your local setup that might be helpful in troubleshooting (ex. Python interpreter version, Splunk version, etc.) +* Detailed steps to reproduce the bug + +We'd also like to hear about your propositions and suggestions. Feel free to submit them as issues and: + +* Explain in detail how they should work +* Note that keeping the scope as narrow as possible will make the suggestion easier to implement + +##### Fixing Issues +Look through our [issue tracker](https://github.com/splunk/security_content/issues) to find problems to fix! Feel free to comment and tag corresponding stakeholders or full-time maintainers of this project with any questions or concerns. + +##### Pull Requests +What is a "pull request"? It informs the project's core developers about the changes you want to review and merge. Once you submit a pull request, it enters a stage of code review where you and others can discuss its potential modifications and maybe even add more commits to it later on. + +If you want to learn more, please consult this [tutorial on how pull requests work](https://help.github.com/articles/using-pull-requests/) in the [GitHub Help Center](https://help.github.com/). + +Here's an overview of how you can make a pull request against this project: + +1. Fill out the [Splunk Contribution Agreement](https://www.splunk.com/goto/contributions). +2. Fork the [security_content GitHub repository](https://github.com/splunk/security_content) +3. Clone your fork using git and create a branch off of develop + + ``` + $ git clone git@github.com:YOUR_GITHUB_USERNAME/security_content.git + $ cd security_content + + # This project uses 'develop' for all development activity, so create your branch off that + $ git checkout -b your-bugfix-branch-name develop + ``` + +4. Make your changes, commit, and push (once your tests have passed) + + ``` + $ cd security_content + $ git commit -m "" + $ git push + ``` + +5. Submit a pull request through the GitHub website, using the changes from your forked codebase. +6. We utilize [pre-commit hooks](https://pre-commit.com/) to ensure consistent formatting and as an additional method of preventing credentials from ending up in our repo accidentally. We highly suggest you also install `pre-commit` and the hooks for this project. + +##### Code Review +There are two aspects of code review: giving and receiving. + +To make it easier for your PR to receive reviews, keep in mind that the reviewers will need you to: +* Follow the project coding conventions +* Write good commit messages +* Break large changes into a logical series of smaller patches which individually make easily understandable changes, and in aggregate solve a broader issue + +Reviewers, the people providing the review, are highly encouraged to revisit the [Code of Conduct](https://github.com/splunk/security_content/wiki/Code-of-Conduct) and must go above and beyond to promote a collaborative, respectful community. + +When reviewing PRs from others, [The Gentle Art of Patch Review](http://sage.thesharps.us/2014/09/01/the-gentle-art-of-patch-review/) suggests an iterative series of focuses designed to lead new contributors to positive collaboration, such as: + +* Is the idea behind the contribution sound? +* Is the contribution architected correctly? +* Is the contribution polished? + +For this project, we require at least one approval. A build from our continuous integration system must also be successful off of your branch. Please note that any new changes made with your existing pull request during review will automatically unapproved and re-trigger another build/round of tests. + +##### Documentation +We can always use improvements to our documentation! Anyone can contribute to these docs--whether you’re new to the project, you’ve been around a long time, or if you just can’t stand seeing typos. + +Here's what's needed? + +1. More complementary documentation. Have you something unclear? +2. More examples or generic templates that others can use. +3. Blog posts, articles, and such are all very appreciated. + +You can also edit documentation files directly in the GitHub web interface, without creating a local copy. This can be convenient for small typos or grammar fixes. + +## Maintainers + +If you need help, feel free to tag one of the active maintainers of this project in a post or comment. We'll do our best to reach out to you as quickly as we can. + +``` +# Active maintainers marked with (*) + +(*) Bhavin Patel +(*) Michael Haag +(*) Jose Hernandez +(*) Lou Stella +(*) Patrick Bareib +``` From ecde03ad333d5813d66f7bf31445058e110167eb Mon Sep 17 00:00:00 2001 From: ljstella Date: Mon, 22 Jul 2024 07:54:16 -0500 Subject: [PATCH 4/6] Add full team --- .github/CONTRIBUTING.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 9963d625c2..94da8b2900 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -125,4 +125,8 @@ If you need help, feel free to tag one of the active maintainers of this project (*) Jose Hernandez (*) Lou Stella (*) Patrick Bareib +(*) Eric McGinnis +(*) Rod Soto +(*) Teoderick Contreras +(*) Gowtham Rajendran ``` From 6c8cf9f0a4f3fad028afb55b339d1b2e81167680 Mon Sep 17 00:00:00 2001 From: ljstella Date: Mon, 22 Jul 2024 14:28:53 -0500 Subject: [PATCH 5/6] Updated README to point at new Contributing --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 758a7aede3..9b2e22e0e9 100644 --- a/README.md +++ b/README.md @@ -74,7 +74,7 @@ To view an up-to-date detection coverage map for all the content tagged with MIT * [data_sources/](data_sources/): Defines the data sources, the necessary TA or App to collect them and the fields provided that can be used by the detections. # Contribution 🥰 -We welcome feedback and contributions from the community! Please see our [contributing to the project](https://github.com/splunk/security_content/wiki/Contributing-to-the-Project) for more information on how to get involved. +We welcome feedback and contributions from the community! Please see our [contributing to the project](./.github/CONTRIBUTING.md) for more information on how to get involved. ## Support 💪 If you are a Splunk Enterprise customer with a valid support entitlement contract and have a Splunk-related question, you can open a support case on the https://www.splunk.com/ support portal. From 7f5425d70168c2896cd7a316c842a309dab1de79 Mon Sep 17 00:00:00 2001 From: ljstella Date: Mon, 22 Jul 2024 14:29:18 -0500 Subject: [PATCH 6/6] Add new Code of Conduct file pointing at existing wiki page --- CODE_OF_CONDUCT.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 CODE_OF_CONDUCT.md diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000000..565a74586b --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,3 @@ +# Code Of Conduct + +The Code of Conduct for this repository can be found online [in our wiki](https://github.com/splunk/security_content/wiki/Code-of-Conduct). \ No newline at end of file