CakePHP's code repositories are hosted at github.com
Found a security exploit in CakePHP? Please don't message the mailing list, or open an issue on lighthouse. Instead, please email security [at] cakephp.org . Email sent to this address are forwarded to the maintainers of CakePHP.
When a security issue is reported, we first try to confirm the vulnerability. Once confirmed, we'll do the following:
- Send acknowledgement to the reporter, that we received and confirmed the issue.
- Work on a patch to fix the issue.
- Write a post describing the vulnerability, possible exploits and provide instructions on how to apply the patch / upgrade.
- Apply the patch to all maintained and affected versions of CakePHP
- Create new packaged releases for each affected version.
- Publish the post on the CakePHP blog/Bakery
Found a bug? Suggest an improvement? Issue tracking for CakePHP can be found at Github.
General Mailing list
Discuss a problem you're having, or learn from other CakePHP developers around the globe. Join the CakePHP mailing list.
Core Mailing list
Discuss new features or get involved with CakePHP's development. Join the Core mailing list.
Contributing to CakePHP is easy. Checkout the guide on contributing for how you can get started contributing to CakePHP