CBOMkit-theia is an open source project that aims to create an easy way to discover the use of cryptography in container images and directories and create CBOM. This page describes how you can join the community in this goal.
If you are new to the community? We recommend you do the following before diving into the code:
- Read the Code of Conduct
CBOMkit-theia uses the following labels to help non-maintainers find issues best suited to their interest and experience level:
- good first issue - these issues are typically the simplest available to work on, ideal for newcomers. They should already be fully scoped, with a clear approach outlined in the descriptions.
- help wanted - these issues are generally more complex than good first issues. They typically cover work that core maintainers don't currently have capacity to implement and may require more investigation/discussion. These are a great option for experienced contributors looking for something a bit more challenging.
Scan your code for potential problems:
go vet ./...Applies format to all Go files:
go fmt ./...Ensure license headers are in place by using Google's addlicense. Review any changes before committing:
go install github.com/google/addlicense@latest
addlicense -c "IBM" -l apache -s ./**/*.goClean the go.mod and go.sum file. Review any changes before committing:
go mod tidyTo run all unit- and system tests, simply run:
go test ./...If any of the tests fail, please investigate. Either fix your code or regenerate the testdata using the script. Feel free to open an issue if you believe that the test code is faulty.