# CONTRIBUTING

> **To submit code, patches, and proposals to Zend Framework, contributors must
agree to the New BSD License and also submit a signed
[Contributor License Agreement (CLA)](https://github.com/zendframework/zf1/wiki/Contributor-License-Agreement-%28CLA%29).**

## RESOURCES

If you wish to contribute to Zend Framework, please be sure to
read/subscribe to the following resources:

 -  Coding Standards:
    http://framework.zend.com/manual/1.12/en/coding-standard.html
 -  ZF Git Guide:
    [README-GIT.md](README-GIT.md)
 -  Contributor's Guide:
    http://framework.zend.com/participate/contributor-guide-v1
 -  ZF Contributor's mailing list:
    Archives: http://zend-framework-community.634137.n4.nabble.com/ZF-Contributor-f680267.html
    Subscribe: zf-contributors-subscribe@lists.zend.com
 -  ZF Contributor's IRC channel:
    #zftalk.dev on Freenode.net

## Reporting Potential Security Issues

If you have encountered a potential security vulnerability in Zend Framework,
please report it to us at [zf-security@zend.com](mailto:zf-security@zend.com).
We will work with you to verify the vulnerability and patch it.

When reporting issues, please provide the following information:

- Component(s) affected
- A description indicating how to reproduce the issue
- A summary of the security vulnerability and impact

We request that you contact us via the email address above and give the project
contributors a chance to resolve the vulnerability and issue a new release prior
to any public exposure; this helps protect Zend Framework users and provides
them with a chance to upgrade and/or update in order to protect their applications.

For sensitive email communications, please use [our PGP key](http://framework.zend.com/zf-security-pgp-key.asc).