From ed02850e10ac3f5a25f6241ef0af8f618b218d54 Mon Sep 17 00:00:00 2001 From: Brennan Kinney <5098581+polarathene@users.noreply.github.com> Date: Mon, 12 May 2025 22:51:00 +1200 Subject: [PATCH 01/10] ci: Docker - Prefer `dist-local` stage --- .github/workflows/docker-3.2.yml | 2 -- Dockerfile.alpine | 8 ++++---- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/.github/workflows/docker-3.2.yml b/.github/workflows/docker-3.2.yml index 31b10f2..f921972 100644 --- a/.github/workflows/docker-3.2.yml +++ b/.github/workflows/docker-3.2.yml @@ -56,8 +56,6 @@ jobs: context: . file: Dockerfile.alpine platforms: linux/amd64,linux/386,linux/arm64,linux/arm/v7,linux/arm/v6,linux/ppc64le - build-args: - - GIT_BRANCH cache-from: type=gha, scope=${{ github.workflow }} cache-to: type=gha, scope=${{ github.workflow }} labels: ${{ steps.docker_meta.outputs.labels }} diff --git a/Dockerfile.alpine b/Dockerfile.alpine index 3e353d8..82905f8 100644 --- a/Dockerfile.alpine +++ b/Dockerfile.alpine @@ -12,12 +12,12 @@ CMD ["--help"] # Final image stage (add `testssl.sh` project files) # Choose either one as the final stage (defaults to last stage, `dist-git`) -# 27MB Image (Local repo copy from build context, uses `.dockerignore`): -FROM base-alpine AS dist-local -COPY --chown=testssl:testssl . /home/testssl/ - # 35MB Image (Remote repo clone, cannot filter content through `.dockerignore`): FROM base-alpine AS dist-git ARG GIT_URL=https://github.com/testssl/testssl.sh.git ARG GIT_BRANCH ADD --chown=testssl:testssl ${GIT_URL}#${GIT_BRANCH?branch-required} /home/testssl + +# 27MB Image (Local repo copy from build context, uses `.dockerignore`): +FROM base-alpine AS dist-local +COPY --chown=testssl:testssl . /home/testssl/ From 222ad8ae36ecd09ac5e9f0433a00bebea93a490c Mon Sep 17 00:00:00 2001 From: Dirk Date: Fri, 16 May 2025 18:07:09 +0200 Subject: [PATCH 02/10] Fix indentation --- .github/workflows/unit_tests_ubuntu.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/unit_tests_ubuntu.yml b/.github/workflows/unit_tests_ubuntu.yml index f42224d..986c1f3 100644 --- a/.github/workflows/unit_tests_ubuntu.yml +++ b/.github/workflows/unit_tests_ubuntu.yml @@ -50,10 +50,10 @@ jobs: - name: Install perl modules run: | - cpanm --notest Test::More - cpanm --notest Data::Dumper - cpanm --notest JSON - cpanm --notest Text::Diff + cpanm --notest Test::More + cpanm --notest Data::Dumper + cpanm --notest JSON + cpanm --notest Text::Diff - name: run it run: | From 7df43ea752d0ba12341f448ef1a7400e608fe33c Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Fri, 16 May 2025 19:06:24 +0200 Subject: [PATCH 03/10] More badges see https://shields.io/badges --- Readme.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/Readme.md b/Readme.md index ac06638..607c57c 100644 --- a/Readme.md +++ b/Readme.md @@ -1,11 +1,14 @@ ## Intro - -[![CI tests](https://github.com/testssl/testssl.sh/actions/workflows/unit_tests_ubuntu.yml/badge.svg)](https://github.com/testssl/testssl.sh/actions/workflows/unit_tests_ubuntu.yml) -[![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/testssl/testssl.sh?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) +![GitHub Tag](https://img.shields.io/github/v/tag/testssl/testssl.sh) +![Static Badge](https://img.shields.io/badge/%2Fbin%2Fbash_-blue) +![Static Badge](https://img.shields.io/badge/OpenSSL_-blue) [![License](https://img.shields.io/github/license/testssl/testssl.sh)](https://github.com/testssl/testssl.sh/LICENSE) +![GitHub commit activity](https://img.shields.io/github/commit-activity/m/testssl/testssl.sh) +[![CI tests](https://github.com/testssl/testssl.sh/actions/workflows/unit_tests_ubuntu.yml/badge.svg)](https://github.com/testssl/testssl.sh/actions/workflows/unit_tests_ubuntu.yml) [![Docker](https://img.shields.io/docker/pulls/drwetter/testssl.sh)](https://github.com/testssl/testssl.sh/blob/3.2/Dockerfile.md) - +![Mastodon Follow](https://img.shields.io/mastodon/follow/109319848143024146?domain=infosec.exchange) +[![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/testssl/testssl.sh?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) `testssl.sh` is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some From d0aa6fa84dc003bc4ec8682394a13a06112fddce Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Sat, 17 May 2025 16:19:42 +0200 Subject: [PATCH 04/10] Update Readme.md More badges --- Readme.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Readme.md b/Readme.md index 607c57c..76e8d6c 100644 --- a/Readme.md +++ b/Readme.md @@ -4,6 +4,8 @@ ![Static Badge](https://img.shields.io/badge/%2Fbin%2Fbash_-blue) ![Static Badge](https://img.shields.io/badge/OpenSSL_-blue) [![License](https://img.shields.io/github/license/testssl/testssl.sh)](https://github.com/testssl/testssl.sh/LICENSE) +![GitHub Created At](https://img.shields.io/github/created-at/testssl/testssl.sh) +![GitHub last commit](https://img.shields.io/github/last-commit/testssl/testssl.sh) ![GitHub commit activity](https://img.shields.io/github/commit-activity/m/testssl/testssl.sh) [![CI tests](https://github.com/testssl/testssl.sh/actions/workflows/unit_tests_ubuntu.yml/badge.svg)](https://github.com/testssl/testssl.sh/actions/workflows/unit_tests_ubuntu.yml) [![Docker](https://img.shields.io/docker/pulls/drwetter/testssl.sh)](https://github.com/testssl/testssl.sh/blob/3.2/Dockerfile.md) From 05fb3c3fe96a6e44d2479cef6532ce0d06bfd522 Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Sat, 17 May 2025 16:20:40 +0200 Subject: [PATCH 05/10] Identation --- .github/workflows/unit_tests_ubuntu.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/unit_tests_ubuntu.yml b/.github/workflows/unit_tests_ubuntu.yml index f42224d..986c1f3 100644 --- a/.github/workflows/unit_tests_ubuntu.yml +++ b/.github/workflows/unit_tests_ubuntu.yml @@ -50,10 +50,10 @@ jobs: - name: Install perl modules run: | - cpanm --notest Test::More - cpanm --notest Data::Dumper - cpanm --notest JSON - cpanm --notest Text::Diff + cpanm --notest Test::More + cpanm --notest Data::Dumper + cpanm --notest JSON + cpanm --notest Text::Diff - name: run it run: | From 9f73f782a125a6e05fa55e265a43d401ee6ab70e Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Sat, 17 May 2025 16:35:58 +0200 Subject: [PATCH 06/10] Update Readme.md Bluesky badge --- Readme.md | 1 + 1 file changed, 1 insertion(+) diff --git a/Readme.md b/Readme.md index 76e8d6c..a047f00 100644 --- a/Readme.md +++ b/Readme.md @@ -10,6 +10,7 @@ [![CI tests](https://github.com/testssl/testssl.sh/actions/workflows/unit_tests_ubuntu.yml/badge.svg)](https://github.com/testssl/testssl.sh/actions/workflows/unit_tests_ubuntu.yml) [![Docker](https://img.shields.io/docker/pulls/drwetter/testssl.sh)](https://github.com/testssl/testssl.sh/blob/3.2/Dockerfile.md) ![Mastodon Follow](https://img.shields.io/mastodon/follow/109319848143024146?domain=infosec.exchange) +[![Bluesky](https://img.shields.io/badge/dynamic/json?url=https%3A%2F%2Fpublic.api.bsky.app%2Fxrpc%2Fapp.bsky.actor.getProfile%2F%3Factor%3Dtestssl.bsky.social&query=%24.followersCount&style=social&logo=bluesky&label=Follow%20%40testssl.sh) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/testssl/testssl.sh?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) `testssl.sh` is a free command line tool which checks a server's service on From 5b899958ec6da85c28e82800ac7738a2074399aa Mon Sep 17 00:00:00 2001 From: Brennan Kinney <5098581+polarathene@users.noreply.github.com> Date: Mon, 19 May 2025 11:47:15 +1200 Subject: [PATCH 07/10] chore: `Dockerfile` - Adopt HereDoc syntax --- Dockerfile | 61 ++++++++++++++++++++++++++++------------------- Dockerfile.alpine | 22 +++++++++++++---- 2 files changed, 53 insertions(+), 30 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0585133..4ffc921 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,42 +6,53 @@ ARG INSTALL_ROOT=/rootfs FROM opensuse/leap:${LEAP_VERSION} AS builder ARG CACHE_ZYPPER=/tmp/cache/zypper ARG INSTALL_ROOT -RUN \ - # /etc/os-release provides ${VERSION_ID} for usage in ZYPPER_OPTIONS: - source /etc/os-release \ - # We don't need the openh264.repo and the non-oss repos, just costs build time (repo caches). - && zypper removerepo repo-openh264 repo-non-oss repo-update-non-oss \ - && export ZYPPER_OPTIONS=( --releasever "${VERSION_ID}" --installroot "${INSTALL_ROOT}" --cache-dir "${CACHE_ZYPPER}" ) \ - && zypper "${ZYPPER_OPTIONS[@]}" --gpg-auto-import-keys refresh \ - && zypper "${ZYPPER_OPTIONS[@]}" --non-interactive install --download-in-advance --no-recommends \ - bash procps grep gawk sed coreutils busybox ldns libidn2-0 socat openssl curl \ - && zypper "${ZYPPER_OPTIONS[@]}" clean --all \ - ## Cleanup (reclaim approx 13 MiB): +RUN <> /etc/passwd \ - && echo 'testssl:x:1000:' >> /etc/group \ - && echo 'testssl:!::0:::::' >> /etc/shadow \ - && install --mode 2755 --owner testssl --group testssl --directory /home/testssl \ - # The home directory will install a copy of `testssl.sh`, symlink the script to be used as a command: - && ln -s /home/testssl/testssl.sh /usr/local/bin/testssl.sh + echo 'testssl:x:1000:1000::/home/testssl:/bin/bash' >> /etc/passwd + echo 'testssl:x:1000:' >> /etc/group + echo 'testssl:!::0:::::' >> /etc/shadow + install --mode 2755 --owner testssl --group testssl --directory /home/testssl + + # A copy of `testssl.sh` will be added to the home directory, + # symlink to that file so it can be treated as a command: + ln -s /home/testssl/testssl.sh /usr/local/bin/testssl.sh +HEREDOC # Runtime config: USER testssl @@ -49,7 +60,7 @@ ENTRYPOINT ["testssl.sh"] CMD ["--help"] # Final image stage (add `testssl.sh` project files) -# Choose either one as the final stage (defaults to last stage, `dist-local`) +# Choose either one as the final stage (defaults to the last stage, `dist-local`) # 62MB Image (Remote repo clone, cannot filter content through `.dockerignore`): FROM base-leap AS dist-git diff --git a/Dockerfile.alpine b/Dockerfile.alpine index 82905f8..adb5fb5 100644 --- a/Dockerfile.alpine +++ b/Dockerfile.alpine @@ -1,8 +1,20 @@ +# syntax=docker.io/docker/dockerfile:1 + FROM alpine:3.21 AS base-alpine -RUN apk add --no-cache bash procps drill coreutils libidn curl socat openssl xxd \ - && addgroup testssl \ - && adduser -G testssl -g "testssl user" -s /bin/bash -D testssl \ - && ln -s /home/testssl/testssl.sh /usr/local/bin/testssl.sh +RUN <> /etc/passwd + echo 'testssl:x:1000:' >> /etc/group + echo 'testssl:!::0:::::' >> /etc/shadow + install --mode 2755 --owner testssl --group testssl --directory /home/testssl + + # A copy of `testssl.sh` will be added to the home directory, + # symlink to that file so it can be treated as a command: + ln -s /home/testssl/testssl.sh /usr/local/bin/testssl.sh +HEREDOC # Runtime config: USER testssl @@ -10,7 +22,7 @@ ENTRYPOINT ["testssl.sh"] CMD ["--help"] # Final image stage (add `testssl.sh` project files) -# Choose either one as the final stage (defaults to last stage, `dist-git`) +# Choose either one as the final stage (defaults to the last stage, `dist-local`) # 35MB Image (Remote repo clone, cannot filter content through `.dockerignore`): FROM base-alpine AS dist-git From af57ec4659a31600ab2d426ad09a9186f34f4691 Mon Sep 17 00:00:00 2001 From: Brennan Kinney <5098581+polarathene@users.noreply.github.com> Date: Mon, 19 May 2025 11:47:49 +1200 Subject: [PATCH 08/10] docs: Docker - Minor corrections --- .github/workflows/docker-3.2.yml | 2 -- Dockerfile.md | 4 ++-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/docker-3.2.yml b/.github/workflows/docker-3.2.yml index 38b67b3..aba3d0c 100644 --- a/.github/workflows/docker-3.2.yml +++ b/.github/workflows/docker-3.2.yml @@ -15,10 +15,8 @@ env: GIT_BRANCH: "3.2" jobs: - deploy: runs-on: ubuntu-24.04 - steps: - name: lowercase the repository name run: echo "REPO=${GITHUB_REPOSITORY@L}" >> "${GITHUB_ENV}" diff --git a/Dockerfile.md b/Dockerfile.md index af9020f..26ca321 100644 --- a/Dockerfile.md +++ b/Dockerfile.md @@ -1,6 +1,6 @@ ## Usage -Run the image with `testssl.sh` options appended (default is `--help`). The container entrypoint is already set to `testsl.sh` as the command for convenience. +Run the image with `testssl.sh` options appended (default is `--help`). The container entrypoint is already set to `testsl.sh` for convenience. ```bash docker run --rm -it ghcr.io/testssl/testssl.sh:3.2 --fs github.com @@ -47,7 +47,7 @@ There are two base images supported: - openSUSE Leap ([`Dockerfile`](./Dockerfile)), glibc-based + faster. - Alpine ([`Dockerfile`](./Dockerfile.alpine)), musl-based + half the size. -The Alpine variant is made available if you need broarder platform support, or an image about 30MB smaller at the expense of slightly slower performance. +The Alpine variant is made available if you need broader platform support, or an image about 30MB smaller at the expense of slightly slower performance. #### Tip - Remote build context + `Dockerfile` From 9dc4ea338b553b0874cc0f3b46000b6134c45d33 Mon Sep 17 00:00:00 2001 From: Brennan Kinney <5098581+polarathene@users.noreply.github.com> Date: Mon, 19 May 2025 12:09:44 +1200 Subject: [PATCH 09/10] docs: `Dockerfile` - Use ref links --- Dockerfile | 2 +- Dockerfile.md | 22 ++++++++++++++++------ 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4ffc921..825f4b1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,7 +16,7 @@ RUN < [!NOTE] > - The UID/GID ownership of the file will be created by the container user `testssl` (`1000:1000`), with permissions `644`. -> - Your host directory must permit the `testssl` container user or group to write to that host volume. You could alternatively use [`docker cp`](https://docs.docker.com/reference/cli/docker/container/cp/). +> - Your host directory must permit the `testssl` container user or group to write to that host volume. You could alternatively use [`docker cp`][docker-docs::cli::cp]. ## Images ### Available at DockerHub and GHCR You can pull the image from either of these registries: -- DockerHub: [`drwetter/testssl.sh`](https://hub.docker.com/r/drwetter/testssl.sh) -- GHCR: [`ghcr.io/testssl/testssl.sh`](https://github.com/testssl/testssl.sh/pkgs/container/testssl.sh) +- DockerHub: [`drwetter/testssl.sh`][image-registry::dockerhub] +- GHCR: [`ghcr.io/testssl/testssl.sh`][image-registry::ghcr] Supported tags: - `3.2` / `latest` -- `3.0` is the old stable version ([soon to become EOL](https://github.com/testssl/testssl.sh/tree/3.0#status)) +- `3.0` is the old stable version ([soon to become EOL][testssl::v3p0-eol]) ### Building the `testssl.sh` container image @@ -47,7 +47,9 @@ There are two base images supported: - openSUSE Leap ([`Dockerfile`](./Dockerfile)), glibc-based + faster. - Alpine ([`Dockerfile`](./Dockerfile.alpine)), musl-based + half the size. -The Alpine variant is made available if you need broader platform support, or an image about 30MB smaller at the expense of slightly slower performance. +The Alpine variant is made available if you need broader platform support, or an image about 30MB smaller at the expense of [slightly slower performance][testssl::base-image-performance]. + +For contributors, if needing context on the [package selection has been documented][testssl::base-image-packages] for each base image. #### Tip - Remote build context + `Dockerfile` @@ -58,7 +60,7 @@ docker build --tag localhost/testssl.sh:3.2 https://github.com/testssl/testssl.s ``` > [!NOTE] -> This will produce a slightly larger image as [`.dockerignore` is not supported with remote build contexts](https://github.com/docker/buildx/issues/3169). +> This will produce a slightly larger image as [`.dockerignore` is not supported with remote build contexts][build::dockerignore-remote-context]. --- @@ -70,3 +72,11 @@ docker build \ --file https://raw.githubusercontent.com/testssl/testssl.sh/3.2/Dockerfile.alpine \ https://github.com/testssl/testssl.sh.git#3.2 ``` + +[docker-docs::cli::cp]: https://docs.docker.com/reference/cli/docker/container/cp/ +[image-registry::dockerhub]: https://hub.docker.com/r/drwetter/testssl.sh +[image-registry::ghcr]: https://github.com/testssl/testssl.sh/pkgs/container/testssl.sh +[testssl::v3p0-eol]: https://github.com/testssl/testssl.sh/tree/3.0#status +[testssl::base-image-performance]: https://github.com/testssl/testssl.sh/issues/2422#issuecomment-2841822406 +[testssl::base-image-packages]: https://github.com/testssl/testssl.sh/issues/2422#issuecomment-2841822406 +[build::dockerignore-remote-context]: https://github.com/docker/buildx/issues/3169 From 81b377bda97287412286cadff61eb5fa77c16a50 Mon Sep 17 00:00:00 2001 From: Dirk Wetter Date: Tue, 20 May 2025 12:37:57 +0200 Subject: [PATCH 10/10] slight rewording --- Readme.md | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/Readme.md b/Readme.md index a047f00..4cd522d 100644 --- a/Readme.md +++ b/Readme.md @@ -29,7 +29,7 @@ cryptographic flaws. * Reliability: features are tested thoroughly. * Privacy: It's only you who sees the result, not a third party. * Freedom: It's 100% open source. You can look at the code, see what's going on. -* The development is open @ GitHub and participation is welcome. +* The development is free and open @ GitHub and participation is welcome. ### License @@ -43,14 +43,14 @@ to get bugfixes, other feedback and more contributions. ### Compatibility -Testssl.sh is working on every Linux/BSD distribution out of the box. Latest by 2.9dev +Testssl.sh is working on every Linux/BSD distribution and MacOS out of the box. Latest by 2.9dev most of the limitations of disabled features from the openssl client are gone due to bash-socket-based checks. An old OpenSSL-bad version is supplied but but you can also use any LibreSSL or OpenSSL version. testssl.sh also works on other unixoid systems out of the box, supposed they have `/bin/bash` >= version 3.2 and standard tools like sed and awk installed. An implicit (silent) check for binaries is done when you start testssl.sh . System V needs probably -to have GNU grep installed. MacOS X and Windows (using MSYS2, Cygwin or WSL) work too. +to have GNU grep installed. Windows (using MSYS2, Cygwin or WSL) work too. Update notification here or @ [mastodon](https://infosec.exchange/@testssl) or [bluesky](https://bsky.app/profile/testssl.bsky.social). [twitter](https://twitter.com/drwetter) is not being used anymore. @@ -80,7 +80,7 @@ docker run --rm -it ghcr.io/testssl/testssl.sh Or if you have cloned this repo you also can just ``cd`` to the INSTALLDIR and run ``` -docker build . -t imagefoo && docker run --rm -t imagefoo example.com +docker build . -t imagefoo && docker run --rm -t imagefoo testssl.net ``` For more please consult [Dockerfile.md](https://github.com/testssl/testssl.sh/blob/3.2/Dockerfile.md). @@ -89,32 +89,33 @@ For more please consult [Dockerfile.md](https://github.com/testssl/testssl.sh/bl Usage of the program is without any warranty. Use it at your own risk. -Testssl.sh is intended to be used as a standalone CLI tool. While we tried to apply best practise security measures, we can't guarantee that the program is without any vulnerabilities. Running as a service may pose security risks and you're recommended to apply additional security measures. +Testssl.sh is intended to be used as a standalone CLI tool. While we tried to apply best practise security measures and sanitize external input, we can't guarantee that the program is without any vulnerabilities. Running as a web service may pose security risks and you're advised to apply additional security measures. Validate input from the user and from all services which are queried. ### Status -This is the stable release version 3.2. Please use it **now**, as 3.0.x will not get any updates after 3.0.10, with the current manpower we only support n-1 versions. There will be soon a separate 3.3.dev branch where further development takes place before 3.4 becomes the stable version and 3.2 becomes old-stable. +This is the stable version 3.2. Please use it **now**, as 3.0.x will not get any updates after 3.0.10, with the current manpower we only support n-1 versions. There will be soon a separate 3.3.dev branch where further development takes place before 3.4 becomes the stable version and 3.2 becomes old-stable. ### Documentation * .. it is there for reading. Please do so :-) -- at least before asking questions. See man page in groff, html and markdown format in `~/doc/`. * [https://testssl.sh/](https://testssl.sh/) will help to get you started. -* For the (older) version 2.8, Will Hunt provides a longer [description](https://www.4armed.com/blog/doing-your-own-ssl-tls-testing/), including useful background information. +* There's also a [https://deepwiki.com/testssl/testssl.sh](AI generated doc), see also below. +* Will Hunt provides a longer [description](https://www.4armed.com/blog/doing-your-own-ssl-tls-testing/) for an older version (2.8), including useful background information. ### Contributing -A lot of contributors already helped to push the project where it currently is, see [CREDITS.md](https://github.com/testssl/testssl.sh/blob/3.2/CREDITS.md). Your contributions would be also welcome! There's a [large to-do list](https://github.com/testssl/testssl.sh/issues). To get started look for issues which are labeled as [good first issue](https://github.com/testssl/testssl.sh/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22), [for grabs](https://github.com/testssl/testssl.sh/issues?q=is%3Aissue+is%3Aopen+label%3A%22for+grabs%22) or [help wanted](https://github.com/testssl/testssl.sh/issues?q=is%3Aissue+is%3Aopen+label%3A%22help+wanted%22). The latter is more advanced, you can also lookout for documentation issues. +A lot of contributors already helped to push the project where it currently is, see [CREDITS.md](https://github.com/testssl/testssl.sh/blob/3.2/CREDITS.md). Your contribution would be also welcome! There's an [issue list](https://github.com/testssl/testssl.sh/issues). To get started look for issues which are labeled as [good first issue](https://github.com/testssl/testssl.sh/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22), [for grabs](https://github.com/testssl/testssl.sh/issues?q=is%3Aissue+is%3Aopen+label%3A%22for+grabs%22) or [help wanted](https://github.com/testssl/testssl.sh/issues?q=is%3Aissue+is%3Aopen+label%3A%22help+wanted%22). The latter is more advanced. You can also lookout for [documentation issues](https://github.com/testssl/testssl.sh/issues?q=is%3Aissue%20state%3Aopen%20label%3Adocumentation), or you can help with [unit testing](https://github.com/testssl/testssl.sh/issues?q=is%3Aissue%20state%3Aopen%20label%3A%22unit%20test%22) or improving github actions. -It is recommended to read [CONTRIBUTING.md](https://github.com/testssl/testssl.sh/blob/3.2/CONTRIBUTING.md) and please also have a look at he [Coding Convention](https://github.com/testssl/testssl.sh/blob/3.2/Coding_Convention.md). Before you start writing patches with hundreds of lines, better create an issue first. +It is recommended to read [CONTRIBUTING.md](https://github.com/testssl/testssl.sh/blob/3.2/CONTRIBUTING.md) and please also have a look at he [Coding Convention](https://github.com/testssl/testssl.sh/blob/3.2/Coding_Convention.md). Before you start writing PRs with hundreds of lines, better create an issue first. -In general there's also some maintenance burden, like maintaining handshakes and CA stores, writing unit tests, improving github actions. If you believe you can contribute and be responsible to one of those maintenance task, please speak up. That would free resources that we could use for development. +In general there's also some maintenance burden, like maintaining handshakes and CA stores etc. . If you believe you can contribute and be responsible to one of those maintenance task, please speak up. That would free resources that we could use for development. ### Bug reports Bug reports are important. It makes this project more robust. -Please file bugs in the issue tracker @ GitHub. Do not forget to provide detailed information, see template for issue, and further details @ +Please file bugs in the issue tracker @ GitHub. Do not forget to provide detailed information, see the template for issues, and further details @ https://github.com/testssl/testssl.sh/wiki/Bug-reporting. Nobody can read your thoughts -- yet. And only agencies your screen ;-) You can also debug yourself, see [here](https://github.com/testssl/testssl.sh/wiki/Findings-and-HowTo-Fix-them).