From 0d57a78b7468ba3feeb5a568454a6bb7523cff47 Mon Sep 17 00:00:00 2001 From: Jordan Wright Date: Wed, 13 Jan 2016 23:05:17 -0600 Subject: [PATCH] Adding first draft of CONTRIBUTING file and CLA. Fixes #57 --- CONTRIBUTING.md | 44 +++++++++++++++++++ ...corporate_contributor_license_agreement.md | 25 +++++++++++ ...ndividual_contributor_license_agreement.md | 25 +++++++++++ 3 files changed, 94 insertions(+) create mode 100644 CONTRIBUTING.md create mode 100644 doc/corporate_contributor_license_agreement.md create mode 100644 doc/individual_contributor_license_agreement.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 00000000..7e6289be --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,44 @@ +# Contribute to gophish + +Thank you for your interest in contributing to gophish! It is our goal to make the best simulated phishing framework possible, and we are excited you want to help out. + +This guide details how to contribute to gophish in a way that is efficient for everyone involved. + +Gophish currently only comes in one flavor, gophish Community Edition (CE), which is our free and open source edition. In the future, we reserve the right to create an Enterprise Edition, though we're currently pouring our effort into create a rock-solid open source platform. This document will be updated if an EE edition is created. + +## Contributor license agreement + +By submitting code as an individual you agree to the +[individual contributor license agreement](doc/individual_contributor_license_agreement.md). +By submitting code as an entity you agree to the +[corporate contributor license agreement](doc/corporate_contributor_license_agreement.md). + +## Security vulnerability disclosure + +Please report suspected security vulnerabilities in private to +`security@getgophish.com`. +Please do **NOT** create publicly viewable issues for suspected security +vulnerabilities. + +## Closing policy for issues and merge requests + +It is our goal that gophish will become a popular tool for the infosec community. If this were to happen, we may begin receiving more issues and merge requests than we can keep up with. + +Out of respect for our volunteers, issues and merge requests not in line with the guidelines listed in this document may be closed without notice. It will always be our goal to try and provide at least a reason why the issue is closed as much as possible. + +Please treat our volunteers with courtesy and respect, it will go a long way +towards getting your issue resolved. + +Issues and merge requests should be in English and contain appropriate language +for audiences of all ages. + +## I want to contribute! + +**Awesome!** We're excited to have your help. If you want to contribute to gophish, but are not sure where to start, +look for [issues with the label `contributor-friendly`][contributor-friendly]. These issues +will be of reasonable size and challenge, as well as not requiring a ton of internal plumbing on the gophish source code. + +## Have Questions? +If you ever have questions, please don't hesitate to reach out to us directly at `support@getgophish.com` + +[contributor-friendly]: https://github.com/gophish/gophish/labels/contributor-friendly diff --git a/doc/corporate_contributor_license_agreement.md b/doc/corporate_contributor_license_agreement.md new file mode 100644 index 00000000..34308c58 --- /dev/null +++ b/doc/corporate_contributor_license_agreement.md @@ -0,0 +1,25 @@ +# Corporate contributor license agreement + +You accept and agree to the following terms and conditions for Your present and future Contributions submitted to the gophish team. Except for the license granted herein to the gophish team and recipients of software distributed by the gophish team, You reserve all right, title, and interest in and to Your Contributions. + +1. Definitions. + + "You" (or "Your") shall mean the copyright owner or legal entity authorized by the copyright owner that is making this Agreement with the gophish team. For legal entities, the entity making a Contribution and all other entities that control, are controlled by, or are under common control with that entity are considered to be a single Contributor. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. + + "Contribution" shall mean the code, documentation or other original works of authorship expressly identified in Schedule B, as well as any original work of authorship, including any modifications or additions to an existing work, that is intentionally submitted by You to the gophish team for inclusion in, or documentation of, any of the products owned or managed by the gophish team (the "Work"). For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the gophish team or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the gophish team for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by You as "Not a Contribution." + +2. Grant of Copyright License. Subject to the terms and conditions of this Agreement, You hereby grant to the gophish team and to recipients of software distributed by the gophish team a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Your Contributions and such derivative works. + +3. Grant of Patent License. Subject to the terms and conditions of this Agreement, You hereby grant to the gophish team and to recipients of software distributed by the gophish team a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by You that are necessarily infringed by Your Contribution(s) alone or by combination of Your Contribution(s) with the Work to which such Contribution(s) was submitted. If any entity institutes patent litigation against You or any other entity (including a cross-claim or counterclaim in a lawsuit) alleging that your Contribution, or the Work to which you have contributed, constitutes direct or contributory patent infringement, then any patent licenses granted to that entity under this Agreement for that Contribution or Work shall terminate as of the date such litigation is filed. + +4. You represent that You are legally entitled to grant the above license. You represent further that each employee of the Corporation designated on Schedule A below (or in a subsequent written modification to that Schedule) is authorized to submit Contributions on behalf of the Corporation. + +5. You represent that each of Your Contributions is Your original creation (see section 7 for submissions on behalf of others). + +6. You are not expected to provide support for Your Contributions, except to the extent You desire to provide support. You may provide support for free, for a fee, or not at all. Unless required by applicable law or agreed to in writing, You provide Your Contributions on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. + +7. Should You wish to submit work that is not Your original creation, You may submit it to the gophish team separately from any Contribution, identifying the complete details of its source and of any license or other restriction (including, but not limited to, related patents, trademarks, and license agreements) of which you are personally aware, and conspicuously marking the work as "Submitted on behalf of a third-party: [named here]". + +8. It is your responsibility to notify the gophish team when any change is required to the list of designated employees authorized to submit Contributions on behalf of the Corporation, or to the Corporation's Point of Contact with the gophish team. + +This text is licensed under the [Creative Commons Attribution 3.0 License](https://creativecommons.org/licenses/by/3.0/) and the original source is the Google Open Source Programs Office. diff --git a/doc/individual_contributor_license_agreement.md b/doc/individual_contributor_license_agreement.md new file mode 100644 index 00000000..50467eea --- /dev/null +++ b/doc/individual_contributor_license_agreement.md @@ -0,0 +1,25 @@ +# Individual contributor license agreement + +You accept and agree to the following terms and conditions for Your present and future Contributions submitted to the gophish team. Except for the license granted herein to the gophish team and recipients of software distributed by the gophish team, You reserve all right, title, and interest in and to Your Contributions. + +1. Definitions. + + "You" (or "Your") shall mean the copyright owner or legal entity authorized by the copyright owner that is making this Agreement with the gophish team. For legal entities, the entity making a Contribution and all other entities that control, are controlled by, or are under common control with that entity are considered to be a single Contributor. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. + + "Contribution" shall mean any original work of authorship, including any modifications or additions to an existing work, that is intentionally submitted by You to the gophish team for inclusion in, or documentation of, any of the products owned or managed by the gophish team (the "Work"). For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the gophish team or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the gophish team for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by You as "Not a Contribution." + +2. Grant of Copyright License. Subject to the terms and conditions of this Agreement, You hereby grant to the gophish team and to recipients of software distributed by the gophish team a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, sublicense, and distribute Your Contributions and such derivative works. + +3. Grant of Patent License. Subject to the terms and conditions of this Agreement, You hereby grant to the gophish team and to recipients of software distributed by the gophish team a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by You that are necessarily infringed by Your Contribution(s) alone or by combination of Your Contribution(s) with the Work to which such Contribution(s) was submitted. If any entity institutes patent litigation against You or any other entity (including a cross-claim or counterclaim in a lawsuit) alleging that your Contribution, or the Work to which you have contributed, constitutes direct or contributory patent infringement, then any patent licenses granted to that entity under this Agreement for that Contribution or Work shall terminate as of the date such litigation is filed. + +4. You represent that you are legally entitled to grant the above license. If your employer(s) has rights to intellectual property that you create that includes your Contributions, you represent that you have received permission to make Contributions on behalf of that employer, that your employer has waived such rights for your Contributions to the gophish team, or that your employer has executed a separate Corporate CLA with the gophish team. + +5. You represent that each of Your Contributions is Your original creation (see section 7 for submissions on behalf of others). You represent that Your Contribution submissions include complete details of any third-party license or other restriction (including, but not limited to, related patents and trademarks) of which you are personally aware and which are associated with any part of Your Contributions. + +6. You are not expected to provide support for Your Contributions, except to the extent You desire to provide support. You may provide support for free, for a fee, or not at all. Unless required by applicable law or agreed to in writing, You provide Your Contributions on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON- INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. + +7. Should You wish to submit work that is not Your original creation, You may submit it to the gophish team separately from any Contribution, identifying the complete details of its source and of any license or other restriction (including, but not limited to, related patents, trademarks, and license agreements) of which you are personally aware, and conspicuously marking the work as "Submitted on behalf of a third-party: [[]named here]". + +8. You agree to notify the gophish team of any facts or circumstances of which you become aware that would make these representations inaccurate in any respect. + +This text is licensed under the [Creative Commons Attribution 3.0 License](https://creativecommons.org/licenses/by/3.0/) and the original source is the Google Open Source Programs Office.