Contribute
Thank you for your interest in contributing to the development of new detectors.
Getting Started
Create a new issue on our repository with the name of the new detector or test case you wish to contribute. Then, link a new branch to that issue.
If your detector or test case doesn't belong to an existing vulnerability class, please provide documentation for the new vulnerability class you're proposing.
❗ Requirement: All detectors and test cases should follow the kebab-case naming convention, using lowercase and hyphens only.
Detectors
To contribute a new detector:
Choose an appropriate template. Browse our templates at
templates/detector
. Decide on theearly-lint
orlate-lint
template, based on whether you want to lint before or after macro expansion.Add your modified detector files to a new folder, naming it after your detector, inside the
detectors
directory.
Test Cases
To contribute a new test case:
Determine the vulnerability class to which your test case belongs. Then, create a new sub-folder under that class in the
test-cases
directory. Remember to append the detector number at the end, separated by a hyphen.Within this sub-folder, create two directories:
vulnerable-example
andremediated-example
. Fill each with the relevant files for their respective test cases. If possible, incorporate integration or e2e tests. For guidance, refer to theflipper
template intemplates/test-case
.