1Contributing 2============ 3 4Reporting Security Issues 5------------------------- 6 7Please follow the directions of the `Trusted Firmware Security Center`_ 8 9Getting Started 10--------------- 11 12- Make sure you have a GitHub account and you are logged in at `review.trustedfirmware.org`_. 13- Make sure the following is configured in `Gerrit settings`_: 14 15 - Your public key is set under ``SSH Keys``. This will be needed when pushing changes. 16 Please see `Public keys section`_ of Gerrit documentation if you need new keys. 17 - The email address you will use in git is added under ``Email Addresses``. 18 19- Clone the |TS_REPO| on your own machine. 20 21Making Changes 22-------------- 23 24- Send an email to the |TS_MAIL_LIST| about your work. This gives everyone visibility of whether others are working on 25 something similar. 26- Make commits of logical units. See these general `Git guidelines`_ for contributing to a project. 27- Follow the :ref:`Coding Style & Guidelines`. 28- Keep the commits on topic. If you need to fix another bug or make another enhancement, please create a separate 29 change. 30- Avoid long commit series. If you do have a long series, consider whether some 31 commits should be squashed together or addressed in a separate topic. 32- Make sure your commit messages are in the proper format. Please keep the 50/72 rule (for details see 33 `Tim Popes blog entry`_.) 34- Where appropriate, please update the documentation. 35 36 - Consider which documents or other in-source documentation needs updating. 37 - For topics with multiple commits, you should make all documentation changes (and nothing else) in the last commit 38 of the series. Otherwise, include the documentation changes within the single commit. 39 40- Ensure that files have the correct copyright and license information. Files that entirely consist of contributions to 41 this project should have a copyright notice and BSD-3-Clause SPDX license identifier of the form as shown in 42 :ref:`license`. Example copyright and license comment blocks are shown in :ref:`Coding Style & Guidelines`. Files that 43 contain changes to imported Third Party IP files should retain their original copyright and license 44 notices. For significant contributions you may add your own copyright notice in following format:: 45 46 Portions copyright (c) [XXXX-]YYYY, <OWNER>. All rights reserved. 47 48 where `XXXX` is the year of first contribution (if different to `YYYY`) and `YYYY` is the year of most recent 49 contribution. `<OWNER>` is your name or your company name. 50- If you are submitting new files that you intend to be the technical sub-maintainer for (for example, a new platform 51 port), then also update the :ref:`maintainers` file. 52 53- Please test your changes. 54 55Submitting Changes 56------------------ 57 58- Ensure that each commit in the series has at least one ``Signed-off-by:`` line, using your real name and email 59 address. The names in the ``Signed-off-by:`` and ``Author:`` lines must match. If anyone else contributes to the 60 commit, they must also add their own ``Signed-off-by:`` line. By adding this line the contributor certifies the 61 contribution is made under the terms of the :download:`Developer Certificate of Origin <../../dco.txt>`. 62 63 More details may be found in the `Gerrit Signed-off-by Lines guidelines`_. 64- Ensure that each commit also has a unique ``Change-Id:`` line. If you have cloned the repository with the "`Clone with 65 commit-msg hook`" clone method, this should already be the case. 66 67 More details may be found in the `Gerrit Change-Ids documentation`_. 68 69- Select your target branch. 70 71 - If all commits of your change compile and run ok, then your review can target the ``integration`` branch. 72 - If not, a topic branch is needed. The name of the topic branch has to be kept reasonably sort and has to follow 73 this format: ``topics/<user-id>/<topic>``. 74 75 - `user-id` is unique ID of the user (e.g. nick name, <first name>_<last name>, etc...). 76 - `topic` is a title reflecting the purpose of the change. 77- Push your changes to Gerrit. Refer to the `Gerrit Uploading Changes documentation`_ to see how this can be done. 78 79- The changes will then undergo further review and testing by the :ref:`maintainers`. Any review comments will be made 80 directly on your patch. This may require you to do some rework. 81 82- When the changes are accepted, the :ref:`maintainers` will integrate them. 83 84- Typically, the :ref:`maintainers` will merge the changes into the target branch. 85 86- If the changes are not based on a sufficiently-recent commit, or if they cannot be automatically rebased, then the 87 :ref:`maintainers` may rebase it ask you to do so. 88 89- After final integration testing, the changes will make their way into the ``main`` branch. If a problem is found 90 during integration, the merge commit will be removed from the ``integration`` branch and the :ref:`maintainers` will 91 ask you to create a new patch set to resolve the problem. 92 93-------------- 94 95.. _review.trustedfirmware.org: https://review.trustedfirmware.org 96.. _Git guidelines: http://git-scm.com/book/ch5-2.html 97.. _Gerrit Uploading Changes documentation: https://review.trustedfirmware.org/Documentation/user-upload.html 98.. _Gerrit Signed-off-by Lines guidelines: https://review.trustedfirmware.org/Documentation/user-signedoffby.html 99.. _Gerrit Change-Ids documentation: https://review.trustedfirmware.org/Documentation/user-changeid.html 100.. _`Tim Popes blog entry`: https://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html 101.. _`Trusted Firmware Security Center`: https://trusted-firmware-docs.readthedocs.io/en/latest/security_center/index.html 102.. _`Gerrit settings`: https://review.trustedfirmware.org/settings/ 103.. _`Public keys section`: https://review.trustedfirmware.org/Documentation/user-upload.html#configure_ssh_public_keys 104 105*Copyright (c) 2020-2022, Arm Limited and Contributors. All rights reserved.* 106 107SPDX-License-Identifier: BSD-3-Clause 108