Add documenttion to CONTRIBUTING-TO-ESAPI.txt to mention signed commits are now required.

ESAPI / esapi-java-legacy

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.

https://owasp.org/www-project-enterprise-security-api/

Other

603 stars 364 forks source link

Add documenttion to CONTRIBUTING-TO-ESAPI.txt to mention signed commits are now required. #775

Closed kwwall closed 1 year ago

kwwall commented 1 year ago

Master and develop branches now have "branch protection" enabled and as part of that, those branches now require signed commits. That should be mentioned as part of the PR process in the CONTRIBUTING-TO-ESAPI.txt file.

While we can bypass this via GitHub, it is better if all the commits are signed with GPG keys.

Koslx888 commented 1 year ago

Master and develop

kwwall commented 1 year ago

It has been in the 'develop' branch for a while now: https://github.com/ESAPI/esapi-java-legacy/blob/develop/CONTRIBUTING-TO-ESAPI.txt#L15-L22

It has been merged to 'main' since the 2.5.2.0 release which was about 3 months ago: https://github.com/ESAPI/esapi-java-legacy/blame/main/CONTRIBUTING-TO-ESAPI.txt#L15-L22

The only problem was that I failed to close this issue, which I am doing now.