Between now and 28 Sep 2016, we will only be accepting security patches to this repository; after that date, we will issue no more releases.
For more information:
To submit code, patches, and proposals to Zend Framework, contributors must agree to the New BSD License and also submit a signed Contributor License Agreement (CLA).
If you wish to contribute to Zend Framework, please be sure to read/subscribe to the following resources:
- Coding Standards: http://framework.zend.com/manual/1.12/en/coding-standard.html
- ZF Git Guide: README-GIT.md
- Contributor's Guide: http://framework.zend.com/participate/contributor-guide-v1
- ZF Contributor's mailing list: Archives: http://zend-framework-community.634137.n4.nabble.com/ZF-Contributor-f680267.html Subscribe: [email protected]
- ZF Contributor's IRC channel: #zftalk.dev on Freenode.net
If you have encountered a potential security vulnerability in Zend Framework, please report it to us at [email protected]. We will work with you to verify the vulnerability and patch it.
When reporting issues, please provide the following information:
- Component(s) affected
- A description indicating how to reproduce the issue
- A summary of the security vulnerability and impact
We request that you contact us via the email address above and give the project contributors a chance to resolve the vulnerability and issue a new release prior to any public exposure; this helps protect Zend Framework users and provides them with a chance to upgrade and/or update in order to protect their applications.
For sensitive email communications, please use our PGP key.