-
Notifications
You must be signed in to change notification settings - Fork 5
Challenge Submission Guidelines
Thank you for even considering submitting a challenge. Getting more people in on the action is a great way to add diversity. We look forward to learning from the challenges ourselves. In order to ensure consistency in the challenges, here are some simple guidelines to follow.
Ideally bugs should be related to common security issues. Don't let that stop you if you think you have a really good idea that's not related to security, though.
It should be possible to understand the code in 5 - 60 minutes for an average programmer familiar with the language.
There's a range. For an easy challenge, it should take at least 10 - 20 minutes by someone who has an idea of what to look for. At the most difficult, the challenge should be solvable within 3 or 4 hours by an experienced programmer.
Popular languages are preferable, but we can make exceptions to this if you think your idea is cool.
- Code must be MIT licensed, either include a
LICENSE.mdor the MIT license in the code. - Include the line number or contiguous block of line numbers that contain the bug
- Include a
README.mdwhich describes how to build and run the app, if possible
E-mail the challenge to [email protected]. It can be a secret gist, compressed archive, pastebin link, steganographically encoded in an image, etc.
First, you get the warm, tingly feeling of having contributed to a fun challenge which has the goal of improving the skill of developers and thus the security of software in general.
When you submit, include your address and t-shirt size if you'd like a free t-shirt. Who doesn't love free t-shirts?
Also, let us know your GitHub and / or Twitter handle so we can give you credit. Since this is security, some of you are probably paranoid and want to remain anonymous. That's OK too. Just let us know.