Contributing to the MAS Project¶
First of all, ⭐ Give us a Star in GitHub!
The MAS project is an open source effort and we welcome all kinds of contributions and feedback.
Help us improve & join our community:
- 🐞 Report an error (typos, grammar) or fix it on a Pull Request.
- 💬 Give feedback (MASTG/MASVS).
- 🙏 Ask questions (MASTG/MASVS).
Contribute with content:
- 💡 Propose ideas or suggest improvements (MASTG/MASVS). If it qualifies we'll promote it to an Issue.
- 📄 Create a Pull Request for concrete fixes (e.g. grammar/typos) or content already approved by the core team.
Contribution Credit / Acknowledgments¶
Contributors are added to the acknowledgments section based on their contributions logged by GitHub and/or by applying to a certain role and consistently demonstrating their commitment. Acknowledgements are visible in:
- OWASP MASTG Authors & Co-Authors sections
- OWASP MASTG Contributors section
- OWASP MASTG printed version
Contributors are categorized as follows:
- Project Leader / Author: Manage the development of the guide continuously and write a large amount of new content. Project Leadership cannot be achieved if any violations of the Code of Conduct occurred in the past. Be aware that you'll be expected to invest lots of time over several months.
- Reviewer: People that continuously monitor and review our Pull Requests or given useful feedback and suggesting changes.
- Most Helpful Discussions contributor: actively participate in our GitHub Discussions. Contributors with the most answers marked as "The Answer" will get recognized as "Most Helpful" in our official repos.
- Co-Author: Consistently contribute quality content, at least 2,000 additions logged.
- Top Contributor: Consistently contribute quality content, at least 500 additions logged.
- Contributor: Any form of contribution, at least 50 additions logged.
- Mini-contributor: Everything below 50 additions, e.g. committing a single word or sentence.
Contact us if you are planning to become an Author/Co-Author/Reviewer, are missing from the acknowledgements (note that we make updates frequently, but not in realtime).
🚫 What not to do¶
Although we greatly appreciate any and all contributions to the project, there are a few things that you should take into consideration:
- No advertisement: The OWASP mobile Security Project cannot be used as a platform for advertisement of commercial tools, companies or individuals. Technical content such as the implementation of certain techniques or tests should be written with free and open-source tools in mind. Commercial tools are typically not accepted, but might be referenced in some specific cases.
- No unnecessary self-promotion of tools or blog posts: If you have a relation with one of the URLs or tools you are referencing, please state so in the PR so that we can verify that the reference is in line with the rest of the guide.