From 6b35fd9a58c819b46cd3abf9b9d80ff6459346dd Mon Sep 17 00:00:00 2001 From: Manuel Trezza <5673677+mtrezza@users.noreply.github.com> Date: Fri, 21 Mar 2025 09:30:55 +0100 Subject: [PATCH] Update CONTRIBUTING.md --- CONTRIBUTING.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index da415e25b4..27e7e114a5 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -500,11 +500,14 @@ If the commit reverts a previous commit, use the prefix `revert:`, followed by t Fixes for security vulnerabilities are developed in private forks with a closed audience, inaccessible to the public. A current GitHub limitation does not allow to run CI tests on pull requests in private forks. Whether a pull requests fully passes all CI tests can only be determined by publishing the fix as a public pull request and running the CI. This means the fix and implicitly information about the vulnerability are made accessible to the public. This increases the risk that a vulnerability fix is published, but then cannot be merged immediately due to a CI issue. To mitigate that risk, before publishing a vulnerability fix, the following tests needs to be run locally and pass: -- `npm run test` (MongoDB) -- `npm run test` (Postgres) -- `npm run madge:circular` (circular dependencies) -- `npm run lint` (Lint) -- `npm run definitions` (Parse Server options definitions) +- `npm run test` to test with MongoDB +- `npm run test:postgres:testonly` to test with Postgres +- `npm run madge:circular` to detect circular dependencies +- `npm run lint` to check lint compliance +- `npm run definitions` to update the Parse Server options definitions + +> [!CAUTION] +> It is essential to run `npm run build` *after* switching to a different branch or making a commit and *before* running any tests. Otherwise the tests may run on the build from a different branch or on a build that does not reflect the most recent commits. #### Environment
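
Review bot: The `[!CAUTION]` block about `npm run build` sits after the command list at the end of the hunk, although it says the build must happen before any tests run. A contributor working through the list top to bottom would reach `npm run test` first and could test a stale build, which is exactly the situation this section is meant to prevent before a vulnerability fix is published. Consider making `npm run build` the first list item, or moving the caution above the list. Separately, the `npm run definitions` item is now worded as "to update the Parse Server options definitions", while the unchanged intro says the listed tests must be run locally "and pass". It would help to state what passing means for that command, for example that it leaves no uncommitted changes. The intro's "the following tests needs to be run" could also be corrected to "need" in the same change.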