13d3b0591SJens WiklanderContributing 23d3b0591SJens Wiklander============ 33d3b0591SJens WiklanderWe gratefully accept bug reports and contributions from the community. There are some requirements we need to fulfill in order to be able to integrate contributions: 43d3b0591SJens Wiklander 53d3b0591SJens Wiklander - As with any open source project, contributions will be reviewed by the project team and community and may need some modifications to be accepted. 63d3b0591SJens Wiklander - The contribution should not break API or ABI, unless there is a real justification for that. If there is an API change, the contribution, if accepted, will be merged only when there will be a major release. 73d3b0591SJens Wiklander 83d3b0591SJens WiklanderContributor License Agreement (CLA) 93d3b0591SJens Wiklander----------------------------------- 103d3b0591SJens Wiklander- All contributions, whether large or small, require a Contributor's License Agreement (CLA) to be accepted. This is because source code can possibly fall under copyright law and we need your consent to share in the ownership of the copyright. 113d3b0591SJens Wiklander- To accept the Contributor’s License Agreement (CLA), individual contributors can do this by creating an Mbed account and [accepting the online agreement here with a click through](https://developer.mbed.org/contributor_agreement/). Alternatively, for contributions from corporations, or those that do not wish to create an Mbed account, a slightly different agreement can be found [here](https://www.mbed.com/en/about-mbed/contributor-license-agreements/). This agreement should be signed and returned to Arm as described in the instructions given. 123d3b0591SJens Wiklander 133d3b0591SJens WiklanderCoding Standards 143d3b0591SJens Wiklander---------------- 153d3b0591SJens Wiklander- We would ask that contributions conform to [our coding standards](https://tls.mbed.org/kb/development/mbedtls-coding-standards), and that contributions are fully tested before submission, as mentioned in the [Tests](#tests) and [Continuous Integration](#continuous-integration-tests) sections. 163d3b0591SJens Wiklander- The code should be written in a clean and readable style. 173d3b0591SJens Wiklander- The code should be written in a portable generic way, that will benefit the whole community, and not only your own needs. 183d3b0591SJens Wiklander- The code should be secure, and will be reviewed from a security point of view as well. 193d3b0591SJens Wiklander 203d3b0591SJens WiklanderMaking a Contribution 213d3b0591SJens Wiklander--------------------- 223d3b0591SJens Wiklander1. [Check for open issues](https://github.com/ARMmbed/mbedtls/issues) or [start a discussion](https://tls.mbed.org/discussions) around a feature idea or a bug. 233d3b0591SJens Wiklander1. Fork the [Mbed TLS repository on GitHub](https://github.com/ARMmbed/mbedtls) to start making your changes. As a general rule, you should use the ["development" branch](https://github.com/ARMmbed/mbedtls/tree/development) as a basis. 243d3b0591SJens Wiklander1. Write a test which shows that the bug was fixed or that the feature works as expected. 253d3b0591SJens Wiklander1. Send a pull request (PR) and work with us until it gets merged and published. Contributions may need some modifications, so a few rounds of review and fixing may be necessary. We will include your name in the ChangeLog :) 263d3b0591SJens Wiklander1. For quick merging, the contribution should be short, and concentrated on a single feature or topic. The larger the contribution is, the longer it would take to review it and merge it. 273d3b0591SJens Wiklander1. Mbed TLS is released under the Apache license, and as such, all the added files should include the Apache license header. 283d3b0591SJens Wiklander 293d3b0591SJens WiklanderAPI/ABI Compatibility 303d3b0591SJens Wiklander--------------------- 313d3b0591SJens WiklanderThe project aims to minimise the impact on users upgrading to newer versions of the library and it should not be necessary for a user to make any changes to their own code to work with a newer version of the library. Unless the user has made an active decision to use newer features, a newer generation of the library or a change has been necessary due to a security issue or other significant software defect, no modifications to their own code should be necessary. To achieve this, API compatibility is maintained between different versions of Mbed TLS on the main development branch and in LTS (Long Term Support) branches. 323d3b0591SJens Wiklander 333d3b0591SJens WiklanderTo minimise such disruption to users, where a change to the interface is required, all changes to the ABI or API, even on the main development branch where new features are added, need to be justifiable by either being a significant enhancement, new feature or bug fix which is best resolved by an interface change. 343d3b0591SJens Wiklander 353d3b0591SJens WiklanderWhere changes to an existing interface are necessary, functions in the public interface which need to be changed, are marked as 'deprecated'. This is done with the preprocessor symbols `MBEDTLS_DEPRECATED_WARNING` and `MBEDTLS_DEPRECATED_REMOVED`. Then, a new function with a new name but similar if not identical behaviour to the original function containing the necessary changes should be created alongside the existing deprecated function. 363d3b0591SJens Wiklander 373d3b0591SJens WiklanderWhen a build is made with the deprecation preprocessor symbols defined, a compiler warning will be generated to warn a user that the function will be removed at some point in the future, notifying users that they should change from the older deprecated function to the newer function at their own convenience. 383d3b0591SJens Wiklander 393d3b0591SJens WiklanderTherefore, no changes are permitted to the definition of functions in the public interface which will change the API. Instead the interface can only be changed by its extension. As described above, if a function needs to be changed, a new function needs to be created alongside it, with a new name, and whatever change is necessary, such as a new parameter or the addition of a return value. 403d3b0591SJens Wiklander 413d3b0591SJens WiklanderPeriodically, the library will remove deprecated functions from the library which will be a breaking change in the API, but such changes will be made only in a planned, structured way that gives sufficient notice to users of the library. 423d3b0591SJens Wiklander 433d3b0591SJens WiklanderLong Term Support Branches 443d3b0591SJens Wiklander-------------------------- 453d3b0591SJens WiklanderMbed TLS maintains several LTS (Long Term Support) branches, which are maintained continuously for a given period. The LTS branches are provided to allow users of the library to have a maintained, stable version of the library which contains only security fixes and fixes for other defects, without encountering additional features or API extensions which may introduce issues or change the code size or RAM usage, which can be significant considerations on some platforms. To allow users to take advantage of the LTS branches, these branches maintain backwards compatibility for both the public API and ABI. 463d3b0591SJens Wiklander 473d3b0591SJens WiklanderWhen backporting to these branches please observe the following rules: 483d3b0591SJens Wiklander 493d3b0591SJens Wiklander 1. Any change to the library which changes the API or ABI cannot be backported. 503d3b0591SJens Wiklander 513d3b0591SJens Wiklander 2. All bug fixes that correct a defect that is also present in an LTS branch must be backported to that LTS branch. If a bug fix introduces a change to the API such as a new function, the fix should be reworked to avoid the API change. API changes without very strong justification are unlikely to be accepted. 523d3b0591SJens Wiklander 53*5b25c76aSJerome Forissier 3. If a contribution is a new feature or enhancement, no backporting is required. Exceptions to this may be additional test cases or quality improvements such as changes to build or test scripts. 543d3b0591SJens Wiklander 553d3b0591SJens WiklanderIt would be highly appreciated if contributions are backported to LTS branches in addition to the [development branch](https://github.com/ARMmbed/mbedtls/tree/development) by contributors. 563d3b0591SJens Wiklander 573d3b0591SJens WiklanderCurrently maintained LTS branches are: 583d3b0591SJens Wiklander 59*5b25c76aSJerome Forissier1. [mbedtls-2.7](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.7) 603d3b0591SJens Wiklander 61*5b25c76aSJerome Forissier1. [mbedtls-2.16](https://github.com/ARMmbed/mbedtls/tree/mbedtls-2.16) 623d3b0591SJens Wiklander 633d3b0591SJens Wiklander 643d3b0591SJens WiklanderTests 653d3b0591SJens Wiklander----- 663d3b0591SJens WiklanderAs mentioned, tests that show the correctness of the feature or bug fix should be added to the pull request, if no such tests exist. 673d3b0591SJens Wiklander 683d3b0591SJens WiklanderMbed TLS includes a comprehensive set of test suites in the `tests/` directory that are dynamically generated to produce the actual test source files (e.g. `test_suite_mpi.c`). These files are generated from a `function file` (e.g. `suites/test_suite_mpi.function`) and a `data file` (e.g. `suites/test_suite_mpi.data`). The function file contains the test functions. The data file contains the test cases, specified as parameters that will be passed to the test function. 693d3b0591SJens Wiklander 703d3b0591SJens Wiklander[A Knowledge Base article describing how to add additional tests is available on the Mbed TLS website](https://tls.mbed.org/kb/development/test_suites). 713d3b0591SJens Wiklander 723d3b0591SJens WiklanderA test script `tests/scripts/basic-build-test.sh` is available to show test coverage of the library. New code contributions should provide a similar level of code coverage to that which already exists for the library. 733d3b0591SJens Wiklander 743d3b0591SJens WiklanderSample applications, if needed, should be modified as well. 753d3b0591SJens Wiklander 763d3b0591SJens WiklanderContinuous Integration Tests 773d3b0591SJens Wiklander---------------------------- 783d3b0591SJens WiklanderOnce a PR has been made, the Continuous Integration (CI) tests are triggered and run. You should follow the result of the CI tests, and fix failures. 793d3b0591SJens Wiklander 803d3b0591SJens WiklanderIt is advised to enable the [githooks scripts](https://github.com/ARMmbed/mbedtls/tree/development/tests/git-scripts) prior to pushing your changes, for catching some of the issues as early as possible. 813d3b0591SJens Wiklander 823d3b0591SJens WiklanderDocumentation 833d3b0591SJens Wiklander------------- 843d3b0591SJens WiklanderMbed TLS is well documented, but if you think documentation is needed, speak out! 853d3b0591SJens Wiklander 863d3b0591SJens Wiklander1. All interfaces should be documented through Doxygen. New APIs should introduce Doxygen documentation. 873d3b0591SJens Wiklander 883d3b0591SJens Wiklander2. Complex parts in the code should include comments. 893d3b0591SJens Wiklander 903d3b0591SJens Wiklander3. If needed, a Readme file is advised. 913d3b0591SJens Wiklander 923d3b0591SJens Wiklander4. If a [Knowledge Base (KB)](https://tls.mbed.org/kb) article should be added, write this as a comment in the PR description. 933d3b0591SJens Wiklander 943d3b0591SJens Wiklander5. A [ChangeLog](https://github.com/ARMmbed/mbedtls/blob/development/ChangeLog) entry should be added for this contribution. 953d3b0591SJens Wiklander 96