# Contributing to Guardian
First of all, thanks for considering contributing to Guardian!
There are a few guidelines to follow, which were arbitrarily taken, but we are always open for discussion! If you feel that something is wrong with our project management, feel free to open an issue.
# Security issues
If you find a security issue in the library, do not open an issue and contact Mathieu Bour mathieu.tin.bour@gmail.com instead. Since Guardian is a cryptographic library which potentially protects sensitive data, security issues are taken very seriously and analyzed in restricted environments.
# Source code
The Guardian source code is mostly located into the src/
directly.
- PHP code is linted against the mathrix-education/coding-standard (opens new window). If you modified the source code, ensure that the sources are still valid with
vendor/bin/phpcs
- The library has to be compatible with both Laravel and Lumen frameworks, so you cannot use Laravel-specific features:
- Facades, like
Auth::
- use dependency injection instead
- Facades, like
- We follow Laravel Support Policy (opens new window), so everything you write will be tested against the currently supported Laravel version. NB: Lumen follows the same support policy
- Write tests! Since we reach 100% coverage, we won't allow any commit which provide untested code
# Documentation
The documentation is located in the docs/
directory and based on VuePress (opens new window).
Feel free to editing anything, but remember that:
- The
package.json
version
field has to be synced with thecomposer.json
version
field - If you edit the README.md or the contributing.md, run
npm run docs:export
to sync the files with the root files. Never edit the repository README.md or CONTRIBUTING.md files directly