Are you ready to contribute to the IriusRisk library? We welcome community contributions! Please don't hesitate to share your Libraries, Templates or scripts for the benefit of the entire threat modeling community!
Contributing to the library can be done via the standard pull-request method. Here are the basic steps:
- Create a fork of the IriusRisk-Central library
- Clone that fork to your local machine
- Add your changes to the appropriate directory
- Commit those changes to your fork and push them to GitHub
- Create a pull-request against the IriusRisk-Central repository (main branch)
CLICK HERE for detailed directions!
Please don't hesitate to reach out if you have any questions about this process.
While we often spend a lot of time working on our time-savers, we typically tend to forget documenting. After all, we know what they do and their purpose intimately, having conceived and created them. Documenting what we already know doesn't seem as useful as the myriad improvements we might make to the tools.
Unfortunately, others don't have our insights into what we're doing, so may not see the purpose, let alone udnerstand the details. For this reason, it's important to carefully document everything we're providing to the community.
This takes different forms for the different artifacts. For external scripts (found in Integrations), sound commenting according to the script language in question should suffice. For Templates, typically a short description should suffice. Shapes are similar--just mentioning what they are and when to use them is typically enough.
For Libraries, especially complex ones, it might be advisable to include a more detailed description. This should include:
- What the library covers
- The sources for producing it
- Pertinent details (version, date, etc)
- Anything else a user needs to know
Consider adding a similarly-named markdown page to include such descriptions, in addition to descriptions within the library itself. So if you had a library titled ACME Standards.xml, considering creating the markdown file ACME Standards.md and include the detailed description there.
The best way to reach the repo owners is the Issues page. Use this for any of your communication needs.