Thank you for your interest in contributing to Sudo! There are a number of way you can help make Sudo better.
To get an overview of Sudo, see the README.md file. There are multiple ways to contribute, some of which don't require writing a single line of code.
If you believe you have found a bug, you can either file a bug report in the sudo bug database, https://bugzilla.sudo.ws/, or open a GitHub issue, whichever you find easier. If you would prefer to use email, messages may be sent to the [email protected] mailing list (public) or to [email protected] (private).
For sudo's security policy and how to report security issues, see SECURITY.md.
Please check TROUBLESHOOTING.md before submitting a bug report. When reporting bugs, be sure to include the version of sudo you are using, the operating system and/or distro that is affected, and, if possible, step-by-step instructions to reproduce the problem.
If you are interested in making changes to Sudo there are two main work flows:
-
clone the sudo repo, make your changes, and submit a Pull Request (PR).
-
send a diff with your changes to the [email protected] mailing list to start a discussion.
In addition to the GitHub repo, there is also a mercurial repo.
If you would like to discuss your changes before submitting a PR, you may do so on the [email protected] mailing list. Otherwise, discussion can simply occur as part of the PR work flow.
Sudo uses the oss-fuzz project to perform fuzzing. Each commit to the main branch will trigger a short fuzzing run via the CIFuzz action. The history of that action shows successful and failed fuzzing runs.
Longer fuzzing runs occur using the ClusterFuzz infrastructure. These fuzzing runs are longer than those used by CIFuzz. A public list of failures is available.
For more information, see https://www.sudo.ws/security/fuzzing/.
Sudo uses GNU gettext for
its National Language Support (NLS). Strings in sudo and related
programs are collected in .pot files that can be translated into
multiple languages.
Translations for sudo are coordinated by the Translation
Project. If you would like to
contribute to Sudo's translations, please join a translation team
at the Translation Project instead of contributing a .po file
directly. This will avoid duplicated work if there is already a
translation in progress. If you would like to become a member of
a translation team, please follow the instructions for
translators.
There are currently two translation domains: one for the sudo front-end and a separate one for the sudoers module and related utilities.