|
|
@@ -21,3 +21,12 @@ However, a pull request would be preferred.
|
|
|
|
|
|
- In case you think you found a security issue that should be evaluated and fixed before public disclosure, feel free to write an email. Although CivetWeb is a fork from Mongoose from 2013, the code bases are different now, so security vulnerabilities of Mongoose usually do not affect CivetWeb. Open an issue for Mongoose vulnerabilities you want to have checked if CivetWeb is affected.
|
|
|
|
|
|
+
|
|
|
+Why does a pull request need a description?
|
|
|
+---
|
|
|
+
|
|
|
+I'm asking for this, because I usually review all pull requests.
|
|
|
+Fhe first thing I check is: "What is the intention of the fix **according to the description**?" and "Does the code really fix it?".
|
|
|
+Second: "Do I except side effects?".
|
|
|
+Third: "Is there a better way to fix the issue **explained in the description**?"
|
|
|
+I don't like to "reverse engineer" the intention of the fix from the diff (although it may be obvious to the author of the PR, sometimes it's not for others). But you should also do it for yourself: You will get early feedback if your changes are not doing what you expect, or if there is a much more effective way to reach the same goal. Finally it will help all other users, since it helps writing better release notes.
|
bel2125