CakePHP Changelogs


CakePHP's code repositories are hosted at

Security Issues

Found a security exploit in CakePHP? Please don't message the mailing list, or open an issue on Github. Instead, please email security [at] Email sent to this address are forwarded to the maintainers of CakePHP.

When a security issue is reported, we first try to confirm the vulnerability. Once confirmed, we'll do the following:

  • Send acknowledgement to the reporter, that we received and confirmed the issue.
  • Work on a patch to fix the issue.
  • Write a post describing the vulnerability, possible exploits and provide instructions on how to apply the patch / upgrade.
  • Apply the patch to all maintained and affected versions of CakePHP
  • Create new packaged releases for each affected version.
  • Publish the post on the CakePHP blog/Bakery

Continuous Integration

CakePHP is continuously integrated check the status of the various builds on Travis CI.


Found a bug? Suggest an improvement? Issue tracking for CakePHP can be found at Github.


Contributing to CakePHP is easy. Checkout the guide on contributing for how you can get started contributing to CakePHP.