Contributing to SecureDrop

If you have time, one hour or a year, we welcome your help in various areas. We are committed to make it as easy as possible for you to contribute.

You will find a developer to answer any questions you may have at the SecureDrop instant messaging channel, whatever your timezone is. You should also register to the forum for longer discussions and to look for answers.

Programmers

SecureDrop is a system including Flask based web applications for sources and journalists and is deployed on multiple machines with Ansible.

Here is a list of bugs and features you can work on.

Low hanging fruit

Development environment

Once you have chosen something to work on, it is enough to send a pull request with the proposed change. Tests will be automatically run for you.

If you would like to contribute on a regular basis, you should read the developer documentation to setup a local development environment, run part of the tests locally etc.

Writers

Technical writers are invited to review this documentation and fix any mistake in accordance to the documentation guidelines.

Documentation tasks (bugs and improvements), ordered by priority:

DevOps

The SecureDrop web site and the GitHub repository are controlled and maintained by Freedom of the Press Foundation employees. The resources under the securedrop.club domain name (listed below) are financed, controlled and maintained by a horizontal community of volunteers.

You will find a list of the pending tasks to improve the securedrop.club services in the contribution guide.

If you’re in doubt, feel free to reach out to the DevOps section of the forum or directly to a team member.

Release managers

All software deployed with SecureDrop is installed via Debian GNU/Linux packages via Ansible. The primary repository is controlled and maintained and signed by Freedom of the Press Foundation employees. An alternative repository is signed by a community of volunteers and must not be used for production purproses but is convenient for tests and demonstrations.

If you are a Debian Developer you can help improve packaging and the release process:

Translators

If English is not your native tongue, your are kindly invited to help translate SecureDrop using the web interface. It is straightforward but we also provide a detailed guide to use as a reference for details such as the meaning of placeholders etc. If you’re in doubt, feel free to reach out to the translation section of the forum or even sub-sections where non-English discussions are welcome to facilitate discussions.

As a developer or system administrator you can also help maintain and improve the self-hosted weblate infrastructure used by the community of translators.

Last but not least, if you are a professional proofreader you may want to reach out to Localization Lab and become part of their team of reviewers. This is an important part of the process to ensure quality translations and there are never enough talents to complete this on-going task.

Moderators & Support

People running a production instance of SecureDrop are encouraged to read the support documentation to get help from the Freedom of the Press Foundation. For less sensitive topics such as running a demo or getting help to understand a concept, a public forum section is better suited.

Designers

If you know web design or have experience improving user experience, the following tasks are waiting for your help: