Skip to content

Commit 87b89b1

Browse files
adarshaks91adarshaks91
authored
updated readme (#27)
1 parent 081f255 commit 87b89b1

File tree

1 file changed

+30
-0
lines changed

1 file changed

+30
-0
lines changed

README.md

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,36 @@
44

55
While the Content and Structure is defined in the [Methodology Taxonomy](https://github.com/bugcrowd/methodology-taxonomy), this defines methods to allow for easy handling of methodologies logic. This gem is used and maintained by [Bugcrowd Engineering](https://bugcrowd.com).
66

7+
## Submodule Versioning Strategy
8+
9+
This gem uses a **versioned submodule approach** to ensure backward compatibility and prevent breaking changes (like step not found or empty checklist title or description) in active pentest engagements when a hacker tries to complete a methodology:
10+
11+
### How It Works
12+
- Each gem version should have a corresponding submodule directory in `lib/data/`
13+
- When methodology-taxonomy is updated, a new submodule directory should be created matching the gem version
14+
- Existing pentest engagements continue using their original methodology version
15+
- New pentest engagements can use the latest methodologies when a hacker tries to complete those methodologies
16+
17+
### Example Structure
18+
```
19+
lib/data/
20+
├── 0.1/ # Legacy methodologies
21+
├── 0.9/ # Previous version methodologies
22+
├── 1.0/ # Current version methodologies
23+
└── 1.1/ # Latest version methodologies
24+
```
25+
26+
### Why This Matters
27+
- **Prevents Breaking Changes**: Step keys, item keys, and methodology structure changes won't break existing pentest engagements in CrowdControl
28+
- **Maintains Backward Compatibility**: Hacker can complete the methodology for a pentest engagement using the methodology version they started with
29+
- **Enables Updates**: New pentest engagements benefit from the latest methodology improvements/updates
30+
31+
### Versioning Pattern
32+
- **Major/Minor versions** get their own submodule directory (e.g., `0.1/`, `0.9/`, `1.0/`)
33+
- **Patch versions** within the same minor version share the same submodule directory
34+
- **Latest directory** contains the most recent methodology updates
35+
- **Legacy directories** are maintained for backward compatibility with existing engagements
36+
737
## Installation
838

939
Add this line to your application's Gemfile:

0 commit comments

Comments
 (0)