From 0839aa858f41f71b292c387f6bc3641083b965bc Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 11 Feb 2014 22:36:51 -0600 Subject: reorganize contributing into development section --- docs/development/reviewing-patches.rst | 51 ++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 docs/development/reviewing-patches.rst (limited to 'docs/development/reviewing-patches.rst') diff --git a/docs/development/reviewing-patches.rst b/docs/development/reviewing-patches.rst new file mode 100644 index 00000000..13d9cd8f --- /dev/null +++ b/docs/development/reviewing-patches.rst @@ -0,0 +1,51 @@ +Reviewing/Merging Patches +========================= + +Because cryptography is so complex, and the implications of getting it wrong so +devastating, ``cryptography`` has a strict code review policy: + +* Patches must *never* be pushed directly to ``master``, all changes (even the + most trivial typo fixes!) must be submitted as a pull request. +* A committer may *never* merge their own pull request, a second party must + merge their changes. If multiple people work on a pull request, it must be + merged by someone who did not work on it. +* A patch that breaks tests, or introduces regressions by changing or removing + existing tests should not be merged. Tests must always be passing on + ``master``. +* If somehow the tests get into a failing state on ``master`` (such as by a + backwards incompatible release of a dependency) no pull requests may be + merged until this is rectified. +* All merged patches must have 100% test coverage. + +The purpose of these policies is to minimize the chances we merge a change +that jeopardizes our users' security. + +When reviewing a patch try to keep each of these concepts in mind: + +Architecture +------------ + +* Is the proposed change being made in the correct place? Is it a fix in a + backend when it should be in the primitives? + +Intent +------ + +* What is the change being proposed? +* Do we want this feature or is the bug they're fixing really a bug? + +Implementation +-------------- + +* Does the change do what the author claims? +* Are there sufficient tests? +* Has it been documented? +* Will this change introduce new bugs? + +Grammar/Style +------------- + +These are small things that are not caught by the automated style checkers. + +* Does a variable need a better name? +* Should this be a keyword argument? -- cgit v1.2.3 From 91c776fe1d577efa67beb4ea26caf9492bae4070 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 11 Feb 2014 23:08:47 -0600 Subject: move around some material on the reviewing doc page --- docs/development/reviewing-patches.rst | 45 +++++++++++++++++++--------------- 1 file changed, 25 insertions(+), 20 deletions(-) (limited to 'docs/development/reviewing-patches.rst') diff --git a/docs/development/reviewing-patches.rst b/docs/development/reviewing-patches.rst index 13d9cd8f..302c998e 100644 --- a/docs/development/reviewing-patches.rst +++ b/docs/development/reviewing-patches.rst @@ -1,26 +1,8 @@ Reviewing/Merging Patches ========================= -Because cryptography is so complex, and the implications of getting it wrong so -devastating, ``cryptography`` has a strict code review policy: - -* Patches must *never* be pushed directly to ``master``, all changes (even the - most trivial typo fixes!) must be submitted as a pull request. -* A committer may *never* merge their own pull request, a second party must - merge their changes. If multiple people work on a pull request, it must be - merged by someone who did not work on it. -* A patch that breaks tests, or introduces regressions by changing or removing - existing tests should not be merged. Tests must always be passing on - ``master``. -* If somehow the tests get into a failing state on ``master`` (such as by a - backwards incompatible release of a dependency) no pull requests may be - merged until this is rectified. -* All merged patches must have 100% test coverage. - -The purpose of these policies is to minimize the chances we merge a change -that jeopardizes our users' security. - -When reviewing a patch try to keep each of these concepts in mind: +Everyone is encouraged to review open pull requests. When reviewing a patch try +to keep each of these concepts in mind: Architecture ------------ @@ -49,3 +31,26 @@ These are small things that are not caught by the automated style checkers. * Does a variable need a better name? * Should this be a keyword argument? + +Merge Requirements +------------------ + +Because cryptography is so complex, and the implications of getting it wrong so +devastating, ``cryptography`` has a strict merge policy for committers: + +* Patches must *never* be pushed directly to ``master``, all changes (even the + most trivial typo fixes!) must be submitted as a pull request. +* A committer may *never* merge their own pull request, a second party must + merge their changes. If multiple people work on a pull request, it must be + merged by someone who did not work on it. +* A patch that breaks tests, or introduces regressions by changing or removing + existing tests should not be merged. Tests must always be passing on + ``master``. +* If somehow the tests get into a failing state on ``master`` (such as by a + backwards incompatible release of a dependency) no pull requests may be + merged until this is rectified. +* All merged patches must have 100% test coverage. + +The purpose of these policies is to minimize the chances we merge a change +that jeopardizes our users' security. + -- cgit v1.2.3