Thank you for your interest in contributing to the development of new detectors.
Create a new issue on our repository with the name of the new detector or test case you wish to contribute. Then, link a new branch to that issue.
If your detector or test case doesn't belong to an existing vulnerability class, please provide documentation for the new vulnerability class you're proposing.
❗ Requirement: All detectors and test cases should follow the kebab-case naming convention, using lowercase and hyphens only.
To contribute a new detector:
Choose an appropriate template. Browse our templates at
templates/detectors. Decide on the
late-linttemplate, based on whether you want to lint before or after macro expansion.
Add your modified detector files to a new folder, naming it after your detector, inside the
To contribute a new test case:
Determine the vulnerability class to which your test case belongs. Then, create a new sub-folder under that class in the
test-casesdirectory. Remember to append the detector number at the end, separated by a hyphen.
Within this sub-folder, create two directories:
remediated-example. Fill each with the relevant files for their respective test cases. If possible, incorporate integration or e2e tests. For guidance, refer to the