adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3f5bd3de2d1affa01e2f6c2066c6bb0fc6413bc
metasploit-gs/docs/development/maintainers/process/landing-pull-requests.html
T
jenkins-metasploit c3f5bd3de2 Reboot gh-pages
2026-05-08 17:08:43 +00:00

117 lines
71 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<!DOCTYPE html><html lang="en-US"><head><meta charset="UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=Edge"><link rel="shortcut icon" href="/assets/images/favicon.png" type="image/x-icon"><link rel="stylesheet" href="/assets/css/just-the-docs-default.css"> <script async src="https://www.googletagmanager.com/gtag/js?id=UA-4622520-7"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'UA-4622520-7', { 'anonymize_ip': true }); </script> <script type="text/javascript" src="/assets/js/vendor/lunr.min.js"></script> <script src="https://cdn.jsdelivr.net/npm/mermaid@10.8.0/dist/mermaid.min.js"></script> <script type="text/javascript" src="/assets/js/just-the-docs.js"></script><meta name="viewport" content="width=device-width, initial-scale=1"><title>Landing Pull Requests | Metasploit Documentation Penetration Testing Software, Pen Testing Security</title><meta name="generator" content="Jekyll v4.3.4" /><meta property="og:title" content="Landing Pull Requests" /><meta property="og:locale" content="en_US" /><meta name="description" content="View Metasploit Framework Documentation" /><meta property="og:description" content="View Metasploit Framework Documentation" /><link rel="canonical" href="https://rapid7.github.io/metasploit-framework/docs/development/maintainers/process/landing-pull-requests.html" /><meta property="og:url" content="https://rapid7.github.io/metasploit-framework/docs/development/maintainers/process/landing-pull-requests.html" /><meta property="og:site_name" content="Metasploit Documentation Penetration Testing Software, Pen Testing Security" /><meta property="og:type" content="website" /><meta name="twitter:card" content="summary" /><meta property="twitter:title" content="Landing Pull Requests" /> <script type="application/ld+json"> {"@context":"https://schema.org","@type":"WebPage","description":"View Metasploit Framework Documentation","headline":"Landing Pull Requests","publisher":{"@type":"Organization","logo":{"@type":"ImageObject","url":"https://rapid7.github.io/metasploit-framework/assets/images/favicon.png"}},"url":"https://rapid7.github.io/metasploit-framework/docs/development/maintainers/process/landing-pull-requests.html"}</script><body> <svg xmlns="http://www.w3.org/2000/svg" style="display: none;"> <symbol id="svg-link" viewBox="0 0 24 24"><title>Link</title><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-link"><path d="M10 13a5 5 0 0 0 7.54.54l3-3a5 5 0 0 0-7.07-7.07l-1.72 1.71"></path><path d="M14 11a5 5 0 0 0-7.54-.54l-3 3a5 5 0 0 0 7.07 7.07l1.71-1.71"></path> </svg> </symbol> <symbol id="svg-search" viewBox="0 0 24 24"><title>Search</title><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-search"> <circle cx="11" cy="11" r="8"></circle><line x1="21" y1="21" x2="16.65" y2="16.65"></line> </svg> </symbol> <symbol id="svg-menu" viewBox="0 0 24 24"><title>Menu</title><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-menu"><line x1="3" y1="12" x2="21" y2="12"></line><line x1="3" y1="6" x2="21" y2="6"></line><line x1="3" y1="18" x2="21" y2="18"></line> </svg> </symbol> <symbol id="svg-arrow-right" viewBox="0 0 24 24"><title>Expand</title><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-chevron-right"><polyline points="9 18 15 12 9 6"></polyline> </svg> </symbol> <symbol id="svg-doc" viewBox="0 0 24 24"><title>Document</title><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-file"><path d="M13 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V9z"></path><polyline points="13 2 13 9 20 9"></polyline> </svg> </symbol> </svg> <script type="text/javascript" src="/assets/js/toggle_init.js"></script><div class="side-bar"><div class="site-header"> <a href="/" class="site-title lh-tight"><img src="/assets/images/metasploit-logo-dark-external-use.svg" alt="Metasploit Logo" class="title-logo" /> </a> <a href="#" id="menu-button" class="site-button"> <svg viewBox="0 0 24 24" class="icon"><use xlink:href="#svg-menu"></use></svg> </a></div><nav role="navigation" aria-label="Main" id="site-nav" class="site-nav"><ul class="nav-list"><li class="nav-list-item active"><a href="/" class="nav-list-link">Home</a><li class="nav-list-item active"><a href="/docs/code-of-conduct.html" class="nav-list-link">Code Of Conduct</a><li class="nav-list-item active"><a href="/docs/modules.html" class="nav-list-link">Modules</a><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/pentesting/" class="nav-list-link">Pentesting</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/pentesting/metasploit-guide-setting-module-options.html" class="nav-list-link">Setting Module Options</a><li class="nav-list-item active"><a href="/docs/pentesting/metasploit-guide-upgrading-shells-to-meterpreter.html" class="nav-list-link">Upgrading Shells to Meterpreter</a><li class="nav-list-item active"><a href="/docs/pentesting/metasploit-guide-post-gather-modules.html" class="nav-list-link">Post Gather Modules</a><li class="nav-list-item active"><a href="/docs/pentesting/metasploit-guide-http.html" class="nav-list-link">HTTP + HTTPS</a><li class="nav-list-item active"><a href="/docs/pentesting/metasploit-guide-kubernetes.html" class="nav-list-link">Kubernetes</a><li class="nav-list-item active"><a href="/docs/pentesting/metasploit-guide-mysql.html" class="nav-list-link">MySQL</a><li class="nav-list-item active"><a href="/docs/pentesting/metasploit-guide-postgresql.html" class="nav-list-link">PostgreSQL</a><li class="nav-list-item active"><a href="/docs/pentesting/metasploit-guide-smb.html" class="nav-list-link">SMB</a><li class="nav-list-item active"><a href="/docs/pentesting/metasploit-guide-ssh.html" class="nav-list-link">SSH</a><li class="nav-list-item active"><a href="/docs/pentesting/metasploit-guide-winrm.html" class="nav-list-link">WinRM</a><li class="nav-list-item active"><a href="/docs/pentesting/metasploit-guide-mssql.html" class="nav-list-link">MSSQL</a><li class="nav-list-item active"><a href="/docs/pentesting/metasploit-guide-ldap.html" class="nav-list-link">LDAP</a><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/pentesting/active-directory/" class="nav-list-link">Active Directory</a><ul class="nav-list"><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/pentesting/active-directory/ad-certificates/" class="nav-list-link">AD CS</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/ad-certificates/overview.html" class="nav-list-link">Overview</a><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/ad-certificates/attacking-ad-cs-esc-vulnerabilities.html" class="nav-list-link">Attacking AD CS ESC Vulnerabilities Using Metasploit</a><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/ad-certificates/ldap_esc_vulnerable_cert_finder.html" class="nav-list-link">Vulnerable cert finder</a><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/ad-certificates/ad_cs_cert_template.html" class="nav-list-link">Manage certificate templates</a><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/ad-certificates/icpr_cert.html" class="nav-list-link">Request certificates</a></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/pentesting/active-directory/kerberos/" class="nav-list-link">Kerberos</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/kerberos/overview.html" class="nav-list-link">Overview</a><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/kerberos/service_authentication.html" class="nav-list-link">Authenticating to SMB/WinRM/etc</a><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/kerberos/kerberos_login.html" class="nav-list-link">Kerberos login enumeration and bruteforcing</a><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/kerberos/get_ticket.html" class="nav-list-link">Get Ticket granting tickets and service tickets</a><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/kerberos/ticket_converter.html" class="nav-list-link">Converting kirbi and ccache files</a><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/kerberos/forge_ticket.html" class="nav-list-link">Forging tickets</a><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/kerberos/inspect_ticket.html" class="nav-list-link">Inspecting tickets</a><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/kerberos/kerberoasting.html" class="nav-list-link">Kerberoasting</a><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/kerberos/keytab.html" class="nav-list-link">Keytab support and decrypting wireshark traffic</a><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/kerberos/rbcd.html" class="nav-list-link">Resource-based constrained delegation (RBCD)</a><li class="nav-list-item active"><a href="/docs/pentesting/active-directory/kerberos/unconstrained_delegation.html" class="nav-list-link">Unconstrained delegation</a></ul></ul></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/using-metasploit/" class="nav-list-link">Using Metasploit</a><ul class="nav-list"><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/using-metasploit/getting-started/" class="nav-list-link">Getting Started</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/using-metasploit/getting-started/nightly-installers.html" class="nav-list-link">Nightly Installers</a><li class="nav-list-item active"><a href="/docs/using-metasploit/getting-started/reporting-a-bug.html" class="nav-list-link">Reporting a Bug</a></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/using-metasploit/basics/" class="nav-list-link">Basics</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/using-metasploit/basics/using-metasploit.html" class="nav-list-link">Running modules</a><li class="nav-list-item active"><a href="/docs/using-metasploit/basics/how-to-use-a-metasploit-module-appropriately.html" class="nav-list-link">How to use a Metasploit module appropriately</a><li class="nav-list-item active"><a href="/docs/using-metasploit/basics/how-payloads-work.html" class="nav-list-link">How payloads work</a><li class="nav-list-item active"><a href="/docs/using-metasploit/basics/module-documentation.html" class="nav-list-link">Module Documentation</a><li class="nav-list-item active"><a href="/docs/using-metasploit/basics/how-to-use-a-reverse-shell-in-metasploit.html" class="nav-list-link">How to use a reverse shell in Metasploit</a><li class="nav-list-item active"><a href="/docs/using-metasploit/basics/how-to-use-msfvenom.html" class="nav-list-link">How to use msfvenom</a><li class="nav-list-item active"><a href="/docs/using-metasploit/basics/managing-sessions.html" class="nav-list-link">Managing Sessions</a></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/using-metasploit/intermediate/" class="nav-list-link">Intermediate</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/using-metasploit/intermediate/metasploit-database-support.html" class="nav-list-link">Database Support</a><li class="nav-list-item active"><a href="/docs/using-metasploit/intermediate/evading-anti-virus.html" class="nav-list-link">Evading Anti Virus</a><li class="nav-list-item active"><a href="/docs/using-metasploit/intermediate/exploit-ranking.html" class="nav-list-link">Exploit Ranking</a><li class="nav-list-item active"><a href="/docs/using-metasploit/intermediate/hashes-and-password-cracking.html" class="nav-list-link">Hashes and Password Cracking</a><li class="nav-list-item active"><a href="/docs/using-metasploit/intermediate/how-to-use-plugins.html" class="nav-list-link">Metasploit Plugins</a><li class="nav-list-item active"><a href="/docs/using-metasploit/intermediate/payload-uuid.html" class="nav-list-link">Payload UUID</a><li class="nav-list-item active"><a href="/docs/using-metasploit/intermediate/pivoting-in-metasploit.html" class="nav-list-link">Pivoting in Metasploit</a><li class="nav-list-item active"><a href="/docs/using-metasploit/intermediate/running-private-modules.html" class="nav-list-link">Running Private Modules</a></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/using-metasploit/advanced/" class="nav-list-link">Advanced</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/how-to-configure-dns.html" class="nav-list-link">How to Configure DNS</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/metasploit-web-service.html" class="nav-list-link">Metasploit Web Service</a><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/using-metasploit/advanced/meterpreter/" class="nav-list-link">Meterpreter</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/meterpreter.html" class="nav-list-link">Overview</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/meterpreter-configuration.html" class="nav-list-link">Configuration</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/debugging-dead-meterpreter-sessions.html" class="nav-list-link">Debugging Dead Meterpreter Sessions</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/meterpreter-debugging-meterpreter-sessions.html" class="nav-list-link">Debugging Meterpreter Sessions</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/meterpreter-executebof-command.html" class="nav-list-link">ExecuteBof Command</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/meterpreter-http-communication.html" class="nav-list-link">HTTP Communication</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/how-to-get-started-with-writing-a-meterpreter-script.html" class="nav-list-link">How to get started with writing a Meterpreter script</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/meterpreter-paranoid-mode.html" class="nav-list-link">Paranoid Mode</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/powershell-extension.html" class="nav-list-link">Powershell Extension</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/python-extension.html" class="nav-list-link">Python Extension</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/meterpreter-reg-command.html" class="nav-list-link">Reg Command</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/meterpreter-reliable-network-communication.html" class="nav-list-link">Reliable Network Communication</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/meterpreter-sleep-control.html" class="nav-list-link">Sleep Control</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/meterpreter-stageless-mode.html" class="nav-list-link">Stageless Mode</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/the-ins-and-outs-of-http-and-https-communications-in-meterpreter-and-metasploit-stagers.html" class="nav-list-link">The ins and outs of HTTP and HTTPS communications in Meterpreter and Metasploit Stagers</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/meterpreter-timeout-control.html" class="nav-list-link">Timeout Control</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/meterpreter-transport-control.html" class="nav-list-link">Transport Control</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/meterpreter-unicode-support.html" class="nav-list-link">Unicode Support</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/meterpreter/meterpreter-wishlist.html" class="nav-list-link">Wishlist</a></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/using-metasploit/advanced/RPC/" class="nav-list-link">RPC</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/RPC/how-to-use-metasploit-json-rpc.html" class="nav-list-link">How to use Metasploit JSON RPC</a><li class="nav-list-item active"><a href="/docs/using-metasploit/advanced/RPC/how-to-use-metasploit-messagepack-rpc.html" class="nav-list-link">How to use Metasploit Messagepack RPC</a></ul></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/using-metasploit/other/" class="nav-list-link">Other</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/using-metasploit/other/how-to-use-metasploit-mcp-server.html" class="nav-list-link">How to use Metasploit MCP Server</a><li class="nav-list-item active"><a href="/docs/using-metasploit/other/how-to-use-metasploit-with-ngrok.html" class="nav-list-link">How to use Metasploit with ngrok</a><li class="nav-list-item active"><a href="/docs/using-metasploit/other/how-to-use-the-favorite-command.html" class="nav-list-link">How to use the Favorite command</a><li class="nav-list-item active"><a href="/docs/using-metasploit/other/information-about-unmet-browser-exploit-requirements.html" class="nav-list-link">Information About Unmet Browser Exploit Requirements</a><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/using-metasploit/other/oracle-support/" class="nav-list-link">Oracle Support</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/using-metasploit/other/oracle-support/how-to-get-oracle-support-working-with-kali-linux.html" class="nav-list-link">How to get Oracle Support working with Kali Linux</a><li class="nav-list-item active"><a href="/docs/using-metasploit/other/oracle-support/oracle-usage.html" class="nav-list-link">Oracle Usage</a></ul><li class="nav-list-item active"><a href="/docs/using-metasploit/other/why-cve-is-not-available.html" class="nav-list-link">Why CVE is not available</a></ul></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/" class="nav-list-link active">Development</a><ul class="nav-list"><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/get-started/" class="nav-list-link">Get Started</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/get-started/contributing-to-metasploit.html" class="nav-list-link">Contributing to Metasploit</a><li class="nav-list-item active"><a href="/docs/development/get-started/creating-your-first-pr.html" class="nav-list-link">Creating Your First PR</a><li class="nav-list-item active"><a href="/docs/development/get-started/setting-up-a-metasploit-development-environment.html" class="nav-list-link">Setting Up a Metasploit Development Environment</a><li class="nav-list-item active"><a href="/docs/development/get-started/sanitizing-pcaps.html" class="nav-list-link">Sanitizing PCAPs</a><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/get-started/git/" class="nav-list-link">Git</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/get-started/git/git-reference-sites.html" class="nav-list-link">Git Reference Sites</a><li class="nav-list-item active"><a href="/docs/development/get-started/git/git-cheatsheet.html" class="nav-list-link">Git cheatsheet</a><li class="nav-list-item active"><a href="/docs/development/get-started/git/keeping-in-sync-with-rapid7-master.html" class="nav-list-link">Keeping in sync with rapid7 master</a><li class="nav-list-item active"><a href="/docs/development/get-started/git/remote-branch-pruning.html" class="nav-list-link">Remote Branch Pruning</a><li class="nav-list-item active"><a href="/docs/development/get-started/git/using-git.html" class="nav-list-link">Using Git</a></ul><li class="nav-list-item active"><a href="/docs/development/get-started/navigating-and-understanding-metasploits-codebase.html" class="nav-list-link">Navigating the codebase</a></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/developing-modules/" class="nav-list-link">Developing Modules</a><ul class="nav-list"><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/developing-modules/guides/" class="nav-list-link">Guides</a><ul class="nav-list"><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/developing-modules/guides/scanners/" class="nav-list-link">Scanners</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/developing-modules/guides/scanners/how-to-write-a-http-loginscanner-module.html" class="nav-list-link">Writing a HTTP LoginScanner</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/guides/scanners/creating-metasploit-framework-loginscanners.html" class="nav-list-link">Writing an FTP LoginScanner</a></ul><li class="nav-list-item active"><a href="/docs/development/developing-modules/guides/how-to-check-microsoft-patch-levels-for-your-exploit.html" class="nav-list-link">How to check Microsoft patch levels for your exploit</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/guides/how-to-use-fetch-payloads.html" class="nav-list-link">How to use Fetch Payloads</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/guides/how-to-use-command-stagers.html" class="nav-list-link">How to use command stagers</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/guides/how-to-write-a-check-method.html" class="nav-list-link">How to write a check method</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/guides/how-to-write-a-cmd-injection-module.html" class="nav-list-link">How to write a cmd injection module</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/guides/how-to-write-a-browser-exploit-using-httpserver.html" class="nav-list-link">Writing a browser exploit</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/guides/how-to-get-started-with-writing-a-post-module.html" class="nav-list-link">Writing a post module</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/guides/how-to-get-started-with-writing-an-auxiliary-module.html" class="nav-list-link">Writing an auxiliary module</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/guides/get-started-writing-an-exploit.html" class="nav-list-link">Writing an exploit</a></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/developing-modules/external-modules/" class="nav-list-link">External Modules</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/developing-modules/external-modules/writing-external-metasploit-modules.html" class="nav-list-link">Overview</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/external-modules/writing-external-golang-modules.html" class="nav-list-link">Writing GoLang Modules</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/external-modules/writing-external-python-modules.html" class="nav-list-link">Writing Python Modules</a></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/developing-modules/module-metadata/" class="nav-list-link">Module metadata</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/developing-modules/module-metadata/definition-of-module-reliability-side-effects-and-stability.html" class="nav-list-link">Definition of Module Reliability Side Effects and Stability</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/module-metadata/how-to-use-datastore-options.html" class="nav-list-link">How to use datastore options</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/module-metadata/module-reference-identifiers.html" class="nav-list-link">Module Reference Identifiers</a></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/developing-modules/libraries/" class="nav-list-link">Libraries</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/api.html" class="nav-list-link">API</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/how-to-use-msf-auxiliary-authbrute-to-write-a-bruteforcer.html" class="nav-list-link">AuthBrute</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/how-to-cleanup-after-module-execution.html" class="nav-list-link">Cleanup</a><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/developing-modules/libraries/c/" class="nav-list-link">Compiling C</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/c/how-to-use-metasploit-framework-compiler-windows-to-compile-c-code.html" class="nav-list-link">Overview</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/c/how-to-decode-base64-with-metasploit-framework-compiler.html" class="nav-list-link">Base64 Support</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/c/how-to-decrypt-rc4-with-metasploit-framework-compiler.html" class="nav-list-link">RC4 Support</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/c/how-to-xor-with-metasploit-framework-compiler.html" class="nav-list-link">XOR Support</a></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/developing-modules/libraries/deserialization/" class="nav-list-link">Deserialization</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/deserialization/dot-net-deserialization.html" class="nav-list-link">Dot Net Deserialization</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/deserialization/generating-ysoserial-java-serialized-objects.html" class="nav-list-link">Java Deserialization</a></ul><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/handling-module-failures-with-fail_with.html" class="nav-list-link">Fail_with</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/how-to-use-the-fileformat-mixin-to-create-a-file-format-exploit.html" class="nav-list-link">Fileformat</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/how-to-use-the-git-mixin-to-write-an-exploit-module.html" class="nav-list-link">Git Mixin</a><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/developing-modules/libraries/http/" class="nav-list-link">HTTP</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/http/how-to-write-a-browser-exploit-using-browserexploitserver.html" class="nav-list-link">BrowserExploitServer</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/http/how-to-send-an-http-request-using-httpclient.html" class="nav-list-link">How to Send an HTTP Request Using HttpClient</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/http/how-to-parse-an-http-response.html" class="nav-list-link">How to parse an HTTP response</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/http/how-to-send-an-http-request-using-rex-proto-http-client.html" class="nav-list-link">How to send an HTTP request using Rex Proto Http Client</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/http/how-to-write-a-module-using-httpserver-and-httpclient.html" class="nav-list-link">How to write a module using HttpServer and HttpClient</a></ul><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/how-to-log-in-metasploit.html" class="nav-list-link">Logging</a><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/developing-modules/libraries/obfuscation/" class="nav-list-link">Obfuscation</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/obfuscation/how-to-use-metasploit-framework-obfuscation-crandomizer.html" class="nav-list-link">C Obfuscation</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/obfuscation/how-to-obfuscate-javascript-in-metasploit.html" class="nav-list-link">JavaScript Obfuscation</a></ul><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/how-to-use-phpexe-to-exploit-an-arbitrary-file-upload-bug.html" class="nav-list-link">PhpExe</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/post-mixins.html" class="nav-list-link">PostMixins</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/how-to-use-powershell-in-an-exploit.html" class="nav-list-link">Powershell</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/how-to-use-railgun-for-windows-post-exploitation.html" class="nav-list-link">Railgun</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/using-reflectivedll-injection.html" class="nav-list-link">ReflectiveDLL Injection</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/how-to-do-reporting-or-store-data-in-module-development.html" class="nav-list-link">Reporting and Storing Data</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/how-to-use-the-seh-mixin-to-exploit-an-exception-handler.html" class="nav-list-link">SEH Exploitation</a><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/developing-modules/libraries/smb_library/" class="nav-list-link">SMB Library</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/smb_library/guidelines-for-writing-modules-with-smb.html" class="nav-list-link">Guidelines for Writing Modules with SMB</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/smb_library/what-my-rex-proto-smb-error-means.html" class="nav-list-link">What my Rex Proto SMB Error means</a></ul><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/sql-injection-libraries.html" class="nav-list-link">SQL Injection</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/how-to-use-the-msf-exploit-remote-tcp-mixin.html" class="nav-list-link">TCP</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/how-to-use-wbemexec-for-a-write-privilege-attack-on-windows.html" class="nav-list-link">WbemExec</a><li class="nav-list-item active"><a href="/docs/development/developing-modules/libraries/how-to-zip-files-with-msf-util-exe-to_zip.html" class="nav-list-link">Zip</a></ul></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/google-summer-of-code/" class="nav-list-link">Google Summer of Code</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/google-summer-of-code/gsoc-2017-mentor-organization-application.html" class="nav-list-link">2017 Mentor Organization Application</a><li class="nav-list-item active"><a href="/docs/development/google-summer-of-code/gsoc-2017-project-ideas.html" class="nav-list-link">2017 Project Ideas</a><li class="nav-list-item active"><a href="/docs/development/google-summer-of-code/gsoc-2017-student-proposal.html" class="nav-list-link">2017 Student Proposal</a><li class="nav-list-item active"><a href="/docs/development/google-summer-of-code/gsoc-2018-project-ideas.html" class="nav-list-link">2018 Project Ideas</a><li class="nav-list-item active"><a href="/docs/development/google-summer-of-code/gsoc-2019-project-ideas.html" class="nav-list-link">2019 Project Ideas</a><li class="nav-list-item active"><a href="/docs/development/google-summer-of-code/gsoc-2020-project-ideas.html" class="nav-list-link">2020 Project Ideas</a><li class="nav-list-item active"><a href="/docs/development/google-summer-of-code/gsoc-2021-project-ideas.html" class="nav-list-link">2021 Project Ideas</a><li class="nav-list-item active"><a href="/docs/development/google-summer-of-code/gsoc-2022-project-ideas.html" class="nav-list-link">2022 Project Ideas</a><li class="nav-list-item active"><a href="/docs/development/google-summer-of-code/gsoc-2023-project-ideas.html" class="nav-list-link">2023 Project Ideas</a><li class="nav-list-item active"><a href="/docs/development/google-summer-of-code/gsoc-2026-project-ideas.html" class="nav-list-link">2026 Project Ideas</a><li class="nav-list-item active"><a href="/docs/development/google-summer-of-code/how-to-apply-to-gsoc.html" class="nav-list-link">How to Apply to GSoC</a></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/maintainers/" class="nav-list-link active">Maintainers</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/maintainers/committer-keys.html" class="nav-list-link">Committer Keys</a><li class="nav-list-item active"><a href="/docs/development/maintainers/committer-rights.html" class="nav-list-link">Committer Rights</a><li class="nav-list-item active"><a href="/docs/development/maintainers/downloads-by-version.html" class="nav-list-link">Downloads by Version</a><li class="nav-list-item active"><a href="/docs/development/maintainers/metasploit-hackathons.html" class="nav-list-link">Metasploit Hackathons</a><li class="nav-list-item active"><a href="/docs/development/maintainers/metasploit-loginpalooza.html" class="nav-list-link">Metasploit Loginpalooza</a><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/maintainers/process/" class="nav-list-link active">Process</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/maintainers/process/assigning-labels.html" class="nav-list-link">Assigning Labels</a><li class="nav-list-item active"><a href="/docs/development/maintainers/process/guidelines-for-accepting-modules-and-enhancements.html" class="nav-list-link">Guidelines for Accepting Modules and Enhancements</a><li class="nav-list-item active"><a href="/docs/development/maintainers/process/how-to-deprecate-a-metasploit-module.html" class="nav-list-link">How to deprecate a Metasploit module</a><li class="nav-list-item active"><a href="/docs/development/maintainers/process/landing-pull-requests.html" class="nav-list-link active">Landing Pull Requests</a><li class="nav-list-item active"><a href="/docs/development/maintainers/process/adding-release-notes-to-prs.html" class="nav-list-link">Release Notes</a><li class="nav-list-item active"><a href="/docs/development/maintainers/process/rolling-back-merges.html" class="nav-list-link">Rolling back merges</a><li class="nav-list-item active"><a href="/docs/development/maintainers/process/unstable-modules.html" class="nav-list-link">Unstable Modules</a></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/maintainers/ruby-gems/" class="nav-list-link">Ruby Gems</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/maintainers/ruby-gems/how-to-add-and-update-gems-in-metasploit-framework.html" class="nav-list-link">Adding and Updating</a><li class="nav-list-item active"><a href="/docs/development/maintainers/ruby-gems/merging-metasploit-payload-gem-updates.html" class="nav-list-link">Merging Metasploit Payload Gem Updates</a><li class="nav-list-item active"><a href="/docs/development/maintainers/ruby-gems/using-local-gems.html" class="nav-list-link">Using local Gems</a></ul></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/propsals/" class="nav-list-link">Proposals</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/propsals/bundled-modules-proposal.html" class="nav-list-link">Bundled Modules Proposal</a><li class="nav-list-item active"><a href="/docs/development/propsals/java-meterpreter-feature-parity-proposal.html" class="nav-list-link">Java Meterpreter Feature Parity Proposal</a><li class="nav-list-item active"><a href="/docs/development/propsals/msf6-feature-proposals.html" class="nav-list-link">MSF6 Feature Proposals</a><li class="nav-list-item active"><a href="/docs/development/propsals/metasploit-url-support-proposal.html" class="nav-list-link">Metasploit URL support proposal</a><li class="nav-list-item active"><a href="/docs/development/propsals/payload-rename-justification.html" class="nav-list-link">Payload Rename Justification</a><li class="nav-list-item active"><a href="/docs/development/propsals/uberhandler.html" class="nav-list-link">Uberhandler</a><li class="nav-list-item active"><a href="/docs/development/propsals/work-needed-to-allow-msfdb-to-use-postgresql-common.html" class="nav-list-link">Work needed to allow msfdb to use postgresql common</a></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/quality/" class="nav-list-link">Quality</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/quality/common-metasploit-module-coding-mistakes.html" class="nav-list-link">Common Metasploit Module Coding Mistakes</a><li class="nav-list-item active"><a href="/docs/development/quality/loading-test-modules.html" class="nav-list-link">Loading Test Modules</a><li class="nav-list-item active"><a href="/docs/development/quality/measuring-metasploit-performance.html" class="nav-list-link">Measuring Metasploit Performance</a><li class="nav-list-item active"><a href="/docs/development/quality/msftidy.html" class="nav-list-link">Msftidy</a><li class="nav-list-item active"><a href="/docs/development/quality/payload-testing.html" class="nav-list-link">Payload Testing</a><li class="nav-list-item active"><a href="/docs/development/quality/style-tips.html" class="nav-list-link">Style Tips</a><li class="nav-list-item active"><a href="/docs/development/quality/using-rubocop.html" class="nav-list-link">Using Rubocop</a><li class="nav-list-item active"><a href="/docs/development/quality/writing-module-documentation.html" class="nav-list-link">Writing Module Documentation</a></ul><li class="nav-list-item active"><a href="#" class="nav-list-expander"><svg viewBox="0 0 24 24"><use xlink:href="#svg-arrow-right"></use></svg></a><a href="/docs/development/roadmap/" class="nav-list-link">Roadmap</a><ul class="nav-list"><li class="nav-list-item active"><a href="/docs/development/roadmap/2017-roadmap.html" class="nav-list-link">2017 Roadmap</a><li class="nav-list-item active"><a href="/docs/development/roadmap/2017-roadmap-review.html" class="nav-list-link">2017 Roadmap Review</a><li class="nav-list-item active"><a href="/docs/development/roadmap/metasploit-breaking-changes.html" class="nav-list-link">Metasploit Breaking Changes</a><li class="nav-list-item active"><a href="/docs/development/roadmap/metasploit-data-service-enhancements-goliath.html" class="nav-list-link">Metasploit Data Service</a><li class="nav-list-item active"><a href="/docs/development/roadmap/metasploit-5-release-notes.html" class="nav-list-link">Metasploit Framework 5.0 Release Notes</a><li class="nav-list-item active"><a href="/docs/development/roadmap/metasploit-6-release-notes.html" class="nav-list-link">Metasploit Framework 6.0 Release Notes</a><li class="nav-list-item active"><a href="/docs/development/roadmap/metasploit-framework-wish-list.html" class="nav-list-link">Metasploit Framework Wish List</a></ul></ul><li class="nav-list-item active"><a href="/docs/contact.html" class="nav-list-link">Contact</a></ul></nav><footer class="site-footer"> This site uses <a href="https://github.com/pmarsceill/just-the-docs">Just the Docs</a>, a documentation theme for Jekyll.</footer></div><div class="main" id="top"><div id="main-header" class="main-header"><div class="search"><div class="search-input-wrap"> <input type="text" id="search-input" class="search-input" tabindex="0" placeholder="Search Metasploit Documentation" aria-label="Search Metasploit Documentation" autocomplete="off"> <label for="search-input" class="search-label"><svg viewBox="0 0 24 24" class="search-icon"><use xlink:href="#svg-search"></use></svg></label></div><div id="search-results" class="search-results"></div></div><link rel="stylesheet" href="/assets/css/main.css"><nav aria-label="Auxiliary" class="aux-nav"><ul class="aux-nav-list"><li class="aux-nav-list-item"> <a href="//github.com/rapid7/metasploit-framework" class="site-button" target="_blank" rel="noopener noreferrer" > Metasploit Framework on GitHub </a></ul></nav></div><div id="main-content-wrap" class="main-content-wrap"><nav aria-label="Breadcrumb" class="breadcrumb-nav"><ol class="breadcrumb-nav-list"><li class="breadcrumb-nav-list-item"> <a href="/docs/development/">Development</a><li class="breadcrumb-nav-list-item"> <a href="/docs/development/maintainers/">Maintainers</a><li class="breadcrumb-nav-list-item"> <a href="/docs/development/maintainers/process/">Process</a><li class="breadcrumb-nav-list-item"> <span>Landing Pull Requests</span></ol></nav><div id="main-content" class="main-content" role="main"><p><strong>This page is meant for Committers. If you are unsure whether you are a committer, you are not.</strong></p><p>Metasploit is built incrementally by the community through GitHubs <a href="https://github.com/rapid7/metasploit-framework/pulls">Pull Request</a> mechanism. Submitting pull requests (or PRs) is already discussed in the <a href="/docs/development/get-started/setting-up-a-metasploit-development-environment.html">Dev environment setup</a> documentation. Its important to realize that PRs are a feature of GitHub, not git, so this document will take a look at how to get your git environment to deal with them sensibly.</p><h1 id="the-short-story"> <a href="#the-short-story" class="anchor-heading" aria-labelledby="the-short-story"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> The short story</h1><ul><li>Configure your git environment as described <a href="/docs/development/get-started/setting-up-a-metasploit-development-environment.html">here</a>.<li>Add the <code class="language-plaintext highlighter-rouge">fetch = +refs/pull/*/head:refs/remotes/upstream/pr/*</code> line to your <code class="language-plaintext highlighter-rouge">.git/config</code>.<li>Add your signing key <code class="language-plaintext highlighter-rouge">git config --global user.signingkey</code><ul><li><p>Use <code class="language-plaintext highlighter-rouge">gpg --list-keys</code> to view your available keys. Note that on certain systems you may need to replace <code class="language-plaintext highlighter-rouge">gpg</code> with <code class="language-plaintext highlighter-rouge">gpg2</code>. Sample output can be seen below:</p><div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> pub rsa4096 2020-04-07 [SC]
3198961E148FF5E527E31A5FD35E05C0F2B81E83
uid [ultimate] Grant Willcox &lt;gwillcox@rapid7.com&gt;
sub rsa4096 2020-04-07 [E]
</code></pre></div></div><li><p>Set the GPG key as your signing key. To set the key shown above as the signing key for all repositories, one would execute:</p><div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>git config --global user.signingkey 3198961E148FF5E527E31A5FD35E05C0F2B81E83
</code></pre></div></div></ul><li><p>When merging code from a pull request, always, always <code class="language-plaintext highlighter-rouge">merge -S --no-ff --edit</code>, and write a meaningful <a href="http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html">50/72</a> commit message that references the original PR as <code class="language-plaintext highlighter-rouge">#1234</code> (not PR1234, not PR#1234, not 1234). For example, your message should look like this:</p><div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> Land #1234, a whizbang bug fix
Adds a whiz to the existing bang. It appears that without this,
bad things can occasionally happen. Thanks @mcfakepants!
Fixes #1024, also see #999.
</code></pre></div></div><ul><li>The <code class="language-plaintext highlighter-rouge">-S</code> flag indicates that youre going to sign the merge with your PGP/GPG key, which is a nice assurance that youre really you.<li>The <code class="language-plaintext highlighter-rouge">--no-ff</code> flag indicates that you want to create a merge commit no matter what, even if the merge would normally be resolved as a fast forwards. This ensure that all changes have a commit associated with them.<li>The <code class="language-plaintext highlighter-rouge">--edit</code> flag will drop you into your default editor (normally vim), and will allow you to edit the commit message so that it conforms to Metasploit standards, rather than sticking with gits pre-generated commit message which does not.</ul><li>Note that the <code class="language-plaintext highlighter-rouge">--no-ff</code> flag should be used both for PRs that go back to a contributors branch as well as PRs that land in Metasploits master branch.<li>If youre making changes (often the case), merge to a landing branch, then merge <strong>that</strong> branch to upstream/master with the <code class="language-plaintext highlighter-rouge">-S --no-ff --edit</code> options.</ul><h1 id="handy-git-aliases"> <a href="#handy-git-aliases" class="anchor-heading" aria-labelledby="handy-git-aliases"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Handy Git aliases</h1><p>Check out <a href="https://gist.github.com/todb-r7/3fbee1a9e7b36d82ca55">this gist</a> that automates (mostly) landing pull requests, signing the merge commit, all while rarely losing a race with other committers.</p><h1 id="fork-and-clone"> <a href="#fork-and-clone" class="anchor-heading" aria-labelledby="fork-and-clone"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Fork and clone</h1><p>First, fork and clone the <code class="language-plaintext highlighter-rouge">rapid7/metasploit-framework</code> repo, <a href="https://help.github.com/articles/fork-a-repo">following these instructions</a>. I like using ssh with <code class="language-plaintext highlighter-rouge">~/.ssh/config</code> aliases <a href="/docs/development/get-started/setting-up-a-metasploit-development-environment.html">as described here</a>, but the https method will work, too.</p><p>Once this is done, you will have a remote repository called “origin,” which points to your forked repository on GitHub. You will be doing most of your work in your own fork of Metasploit, even if you have commit rights to Rapid7s fork. Now, were going to add an “upstream” repository to talk to the Rapid7 repository.</p><p>In addition, were going to add a magical line to the config file that will let us see all pull requests against the Rapid7 repo (both open and closed). Note that this will take a minute since youre adding some hundreds of megs to your clones refs.</p><p>So, open up <code class="language-plaintext highlighter-rouge">metasploit-framework/.git/config</code> with your favorite editor, add an upstream remote, and add the pull request refs for both your and Rapid7s forks. In the end, you should have a section that started off like this:</p><div class="language-config highlighter-rouge"><div class="highlight"><pre class="highlight"><code>[<span class="n">remote</span> <span class="s2">"upstream"</span>]
<span class="n">fetch</span> = +<span class="n">refs</span>/<span class="n">heads</span>/*:<span class="n">refs</span>/<span class="n">remotes</span>/<span class="n">upstream</span>/*
<span class="n">fetch</span> = +<span class="n">refs</span>/<span class="n">pull</span>/*/<span class="n">head</span>:<span class="n">refs</span>/<span class="n">remotes</span>/<span class="n">upstream</span>/<span class="n">pr</span>/*
<span class="n">url</span> = <span class="n">https</span>://<span class="n">github</span>.<span class="n">com</span>/<span class="n">rapid7</span>/<span class="n">metasploit</span>-<span class="n">framework</span>
</code></pre></div></div><p>And now it looks like this:</p><div class="language-config highlighter-rouge"><div class="highlight"><pre class="highlight"><code>[<span class="n">remote</span> <span class="s2">"upstream"</span>]
<span class="n">fetch</span> = +<span class="n">refs</span>/<span class="n">heads</span>/*:<span class="n">refs</span>/<span class="n">remotes</span>/<span class="n">upstream</span>/*
<span class="n">fetch</span> = +<span class="n">refs</span>/<span class="n">pull</span>/*/<span class="n">head</span>:<span class="n">refs</span>/<span class="n">remotes</span>/<span class="n">upstream</span>/<span class="n">pr</span>/*
<span class="n">url</span> = <span class="n">git</span>@<span class="n">github</span>.<span class="n">com</span>:<span class="n">rapid7</span>/<span class="n">metasploit</span>-<span class="n">framework</span>.<span class="n">git</span>
[<span class="n">remote</span> <span class="s2">"origin"</span>]
<span class="n">fetch</span> = +<span class="n">refs</span>/<span class="n">heads</span>/*:<span class="n">refs</span>/<span class="n">remotes</span>/<span class="n">origin</span>/*
<span class="n">fetch</span> = +<span class="n">refs</span>/<span class="n">pull</span>/*/<span class="n">head</span>:<span class="n">refs</span>/<span class="n">remotes</span>/<span class="n">origin</span>/<span class="n">pr</span>/*
<span class="n">url</span> = <span class="n">https</span>://<span class="n">github</span>.<span class="n">com</span>/<span class="n">YOURNAME</span>/<span class="n">metasploit</span>-<span class="n">framework</span>
</code></pre></div></div><p>Some people like to copy these over into remotes named “rapid7” and “yourusername” just so they dont have to remember about “origin” and “upstream,” but for this doc, well just assume you have “origin” and “upstream” defined like this.</p><p>Now, you can git fetch the remote PRs. This will take a little bit, since we have a couple dozen MBs of pull request data. Storage is cheap, though, right?</p><div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>$ git fetch --all
Fetching todb-r7
remote: Counting objects: 13, done.
remote: Compressing objects: 100% (1/1), done.
remote: Total 7 (delta 6), reused 7 (delta 6)
Unpacking objects: 100% (7/7), done.
From https://github.com/todb-r7/metasploit-framework
* [new ref] refs/pull/1/head -&gt; origin/pr/1
* [new ref] refs/pull/2/head -&gt; origin/pr/2
Fetching upstream
remote: Counting objects: 91, done.
remote: Compressing objects: 100% (29/29), done.
remote: Total 59 (delta 47), reused 42 (delta 30)
Unpacking objects: 100% (59/59), done.
From https://github.com/rapid7/metasploit-framework
[... bunches of tags and PRs ...]
* [new ref] refs/pull/1701/head -&gt; upstream/pr/1701
* [new ref] refs/pull/1702/head -&gt; upstream/pr/1702
</code></pre></div></div><p>You can <code class="language-plaintext highlighter-rouge">git fetch</code> a remote any time, and youll get access to the latest changes to all branches and pull requests.</p><h1 id="branching-from-prs"> <a href="#branching-from-prs" class="anchor-heading" aria-labelledby="branching-from-prs"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Branching from PRs</h1><p>A manageable strategy for dealing with outstanding PRs is to start pre-merge testing on the pull request in isolation. For example, to work on PR #1217, we would:</p><div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>$ git checkout upstream/pr/1217
Note: checking out 'upstream/pr/1217'.
You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.
If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:
git checkout -b new_branch_name
HEAD is now at 9e499e5... Make BindTCP test more robust
((no branch)) todb@mazikeen:~/git/rapid7/metasploit-framework
</code></pre></div></div><div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>$ git checkout -b landing-1217
</code></pre></div></div><p>Now, were on a local branch identical to the original pull request, and can move on from there. We can make our changes, isolated from master, and then either send them back to the contributor (this requires looking up the original contributors GitHub username and branch name on GitHub), or if there arent any changes or the changes are trivial, we can land them (if you have committer rights to Rapid7s repo, this is where you land them to the upstream repo).</p><p>In this particular case with PR #1217, I did want to send some changes back to the contributor.</p><p><strong>Important</strong>: If the codebase the contributors PR is based on is severely outdated (e.g., they branched off an outdated <code class="language-plaintext highlighter-rouge">master</code>), you should not test their PR in isolation as described above. Instead, you should create a test branch that is identical to the latest codebase, merge the contributors PR into the test branch, and then start your testing. You may need to <code class="language-plaintext highlighter-rouge">bundle install</code> to ensure youre using the right gems.</p><p>Heres an example with #6954 (your workflow may vary):</p><div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>$ git checkout upstream/master
Note: checking out 'upstream/master'.
You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.
If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:
git checkout -b &lt;new-branch-name&gt;
HEAD is now at afbeb2b... Land #7023, fixes for swagger exploit
$ git merge --no-ff --no-edit upstream/pr/6954
Merge made by the 'recursive' strategy.
modules/exploits/windows/local/payload_inject.rb | 5 +++++
1 file changed, 5 insertions(+)
[*] Running msftidy.rb in .git/hooks/post-merge mode
--- Checking new and changed module syntax with tools/dev/msftidy.rb ---
modules/exploits/windows/local/payload_inject.rb - msftidy check passed
------------------------------------------------------------------------
</code></pre></div></div><p>This ensures that the contributors PR is being tested against the latest codebase and not an outdated one. <strong>If you do not do this</strong>, when you land the PR, you may end up breaking Metasploit.</p><p>Note that the example above will leave you in a detached HEAD state. This is fine if you just want to test the module in question, however if you want to make any changes, dont forget to make a new branch. For the example above this could be done by running the following command:</p><div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>git checkout -b land-6594
</code></pre></div></div><h2 id="checking-out-branches-from-a-remote-forked-repo-in-your-forked-repo"> <a href="#checking-out-branches-from-a-remote-forked-repo-in-your-forked-repo" class="anchor-heading" aria-labelledby="checking-out-branches-from-a-remote-forked-repo-in-your-forked-repo"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Checking out branches from a remote forked repo in your forked repo</h2><p>After your <code class="language-plaintext highlighter-rouge">.git/config</code> is set up per the above, and you successfully run <code class="language-plaintext highlighter-rouge">git fetch --all</code>, you are two steps away from being able to check out a branch from a contributors forked repo.</p><p>You need to add their fork once as a remote: <code class="language-plaintext highlighter-rouge">git remote add OTHER_USER git://github.com/OTHER_USER/metasploit-framework.git</code>. Now pull down the latest from them: <code class="language-plaintext highlighter-rouge">git fetch OTHER_USER</code>. Now you can check out branches from OTHER_USER per usual, e.g. <code class="language-plaintext highlighter-rouge">git checkout bug/foo</code>.</p><h1 id="making-changes"> <a href="#making-changes" class="anchor-heading" aria-labelledby="making-changes"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Making changes</h1><div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>$ gvim .gitignore
[... make some changes and some commits ...]
(landing-1217) todb@mazikeen:~/git/rapid7/metasploit-framework
$ git checkout -b pr1217-fix-gitignore-conflict
Switched to a new branch 'pr1217-fix-gitignore-conflict'
(pr1217-fix-gitignore-conflict) todb@mazikeen:~/git/rapid7/metasploit-framework
$ git push origin pr1271-fix-gitignore-conflict
(pr1217-fix-gitignore-conflict) todb@mazikeen:~/git/rapid7/metasploit-framework
$ git pr-url schierlm javapayload-maven
Created new window in existing browser session.
</code></pre></div></div><p>This sequence does a few things after editing <code class="language-plaintext highlighter-rouge">.gitconfig</code>. It creates another copy of landing-1217 (which is itself a copy of upstream/pr/1217)). Next, I push those changes to my branch (todb-r7, aka “origin”). Finally, I have a mighty <a href="https://gist.github.com/todb-r7/5438391">.gitconfig alias here</a> to open a browser window to send a pull request to the original contributors branch (you will want to edit yours to reflect your real GitHub username, of course).</p><div class="language-ini highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="py">pr-url</span> <span class="p">=</span> <span class="s">!"echo https://github.com/YOURNAME/metasploit-framework/pull/new/HISNAME:HISBRANCH...YOURBRANCH"</span>
</code></pre></div></div><p>Filling in the blanks (provided by the original PRs information from GitHub) gets me:</p><div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>https://github.com/todb-r7/metasploit-framework/pull/new/schierlm:javapayload-maven...pr1217-fix-gitignore-conflict
</code></pre></div></div><p>I opened that in a browser, and ended up with https://github.com/schierlm/metasploit-framework/pull/1 . Once <a href="https://github.com/schierlm">@schierlm</a> landed it on his branch (again, using <code class="language-plaintext highlighter-rouge">git merge --no-ff</code> and a short, informational merge commit message), all I (or anyone) had to do was <code class="language-plaintext highlighter-rouge">git fetch</code> to get the change reflected in upstream/pr/1217, and then the integration of the PR could continue.</p><h1 id="collaboration-between-contributors"> <a href="#collaboration-between-contributors" class="anchor-heading" aria-labelledby="collaboration-between-contributors"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Collaboration between contributors</h1><p>Note the important bit here: <strong>you do not need commit rights to Rapid7 to branch pull requests</strong>. If Alice knows a solution to Bobs pull request that Juan pointed out, it is <strong>easy</strong> for Alice to provide that solution by following the procedure above. <code class="language-plaintext highlighter-rouge">git blame</code> will still work correctly, commit histories will all be accurate, everyone on the pull request will be notified of Alices changes, and Juan doesnt have to wait around for Bob to figure out how to use <code class="language-plaintext highlighter-rouge">send_request_cgi()</code> or whatever the problem was. The hardest part is remembering how to construct the pull request to Bob lucky for you, <a href="https://gist.github.com/todb-r7/5438391">this .git/config alias</a> makes that part pretty push-button.</p><h1 id="landing-to-upstream"> <a href="#landing-to-upstream" class="anchor-heading" aria-labelledby="landing-to-upstream"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Landing to upstream</h1><p>Back to PR #1217. Turns out, my change was enough to land the original chunk of work. So, someone else (<a href="https://github.com/jlee-r7">@jlee-r7</a>) was able to to do something like this:</p><div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>$ git fetch upstream
remote: Counting objects: 12, done.
remote: Compressing objects: 100% (2/2), done.
remote: Total 7 (delta 5), reused 7 (delta 5)
Unpacking objects: 100% (7/7), done.
From https://github.com/rapid7/metasploit-framework
9e499e5..263e967 refs/pull/1651/head -&gt; upstream/pr/1651
</code></pre></div></div><p>This all looked good, so he could land this to Rapid7s repo with:</p><p><code class="language-plaintext highlighter-rouge"> $ git checkout -b upstream-master --track upstream/master $ git merge -S --no-ff --edit landing-1217 $ git push upstream upstream-master:master </code></p><p>Or, if he already have upstream-master checked out:</p><div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>$ git checkout upstream-master
$ git rebase upstream/master
$ git merge -S --no-ff --edit landing-1217
$ git push upstream upstream-master:master
</code></pre></div></div><p>The <code class="language-plaintext highlighter-rouge">--edit</code> is optional if we have our editor configured correctly in <code class="language-plaintext highlighter-rouge">$HOME/.gitconfig</code>. The point here is that we <em>always</em> want a merge commit, and we <em>never</em> want to use the (often useless) default merge commit message. For #1217, this was changed to:</p><div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Land #1217, java payload build system refactor
</code></pre></div></div><p>Note that you should rebase <em>before</em> landing otherwise, your merge commit will be lost in the rebase.</p><p>Finally, the -S indicates we are going to sign the merge, using our GPG key. This is a nice way to prove in a secure way that this merge is, in fact, coming from you, and not someone impersonating you. For more on signing merges, see <a href="http://mikegerwitz.com/papers/git-horror-story.html">A Git Horror Story: Repository Integrity With Signed Commits</a>.</p><p>To set yourself up for signing, your .gitconfig (or metasploit-framework/git/.config) file should have these entries:</p><div class="language-ini highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nn">[user]</span>
<span class="py">name</span> <span class="p">=</span> <span class="s">Your Name</span>
<span class="py">email</span> <span class="p">=</span> <span class="s">your@email.xxx</span>
<span class="py">signingkey</span> <span class="p">=</span> <span class="s">DEADBEEF # Must match exactly with your key for "Your Name &lt;your@email.xxx&gt;"</span>
<span class="nn">[alias]</span>
<span class="py">c</span> <span class="p">=</span> <span class="s">commit -S --edit</span>
<span class="py">m</span> <span class="p">=</span> <span class="s">merge -S --no-ff --edit</span>
</code></pre></div></div><p>People with commit rights to rapid7/metasploit-framework will have their <a href="/docs/development/maintainers/committer-keys.html">keys listed here</a>.</p><h1 id="post-merge"> <a href="#post-merge" class="anchor-heading" aria-labelledby="post-merge"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Post-Merge</h1><p>After a pull request has been merged, release notes should be added to the pull request in the form of a comment. These release notes will automatically be extracted and used as documentation when creating the <a href="https://help.rapid7.com/metasploit/release-notes/">metasploit release notes</a>.</p><p>Release note examples:</p><ul><li><a href="https://github.com/rapid7/metasploit-framework/pull/12873#issuecomment-577247684">12873 Release notes</a><li><a href="https://github.com/rapid7/metasploit-framework/pull/12831#issuecomment-577399914">12831 Release notes</a></ul><p>The <a href="https://github.com/rapid7/metasploit-framework/issues?utf8=%E2%9C%93&amp;q=label%3Arn-no-release-notes+">rn-no-release-notes</a> label must be added if there are no release notes for the merged pull request.</p><h1 id="merge-conflicts"> <a href="#merge-conflicts" class="anchor-heading" aria-labelledby="merge-conflicts"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Merge conflicts</h1><p>The nice thing about this strategy is that you can test for merge conflicts straight away. Youd use a sequence like:</p><div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>git checkout upstream/pr/1234
git checkout -b landing-1234
git checkout master
git checkout -b master-temp
git merge landing-1234 master-temp
</code></pre></div></div><p>If that works, great, you know you dont have any merge conflicts right now.</p><h1 id="questions-and-corrections"> <a href="#questions-and-corrections" class="anchor-heading" aria-labelledby="questions-and-corrections"><svg viewBox="0 0 16 16" aria-hidden="true"><use xlink:href="#svg-link"></use></svg></a> Questions and Corrections</h1><p>Reach out in #contributors on <a href="https://metasploit.com/slack">Metasploit Slack</a>, or by e-mailing msfdev at metasploit dot com.</p><hr><footer><p><a href="#top" id="back-to-top">Back to top</a></p><p class="text-small text-grey-dk-000 mb-0"> <a href="https://github.com/rapid7/metasploit-framework/tree/master/docs/metasploit-framework.wiki/Landing-Pull-Requests.md" id="edit-this-page">Edit this page on GitHub</a></p></footer></div></div><div class="search-overlay"></div></div><script type="text/javascript" src="/assets/js/toggle_mode.js"></script> <script> var config = { theme: 'default', logLevel: 'fatal', securityLevel: 'strict', startOnLoad: true, arrowMarkerAbsolute: false, er: { diagramPadding: 20, layoutDirection: 'TB', minEntityWidth: 100, minEntityHeight: 75, entityPadding: 15, stroke: 'gray', fill: 'honeydew', fontSize: 12, useMaxWidth: true, }, flowchart:{ diagramPadding: 8, htmlLabels: true, curve: 'basis', }, sequence: { diagramMarginX: 50, diagramMarginY: 10, actorMargin: 50, width: 150, height: 65, boxMargin: 10, boxTextMargin: 5, noteMargin: 10, messageMargin: 35, messageAlign: 'center', mirrorActors: true, bottomMarginAdj: 1, useMaxWidth: true, rightAngles: false, showSequenceNumbers: false, }, gantt: { titleTopMargin: 25, barHeight: 20, barGap: 4, topPadding: 50, leftPadding: 75, fontSize: 11, gridLineStartPadding: 35, fontFamily: '\'Open Sans\', sans-serif', numberSectionStyles: 4, axisFormat: '%Y-%m-%d', topAxis: false, }, }; mermaid.initialize(config); window.mermaid.init(undefined, document.querySelectorAll('.language-mermaid')); </script>
Reference in New Issue View Git Blame Copy Permalink