| # Contributing to the Go Vulnerability Database |
| |
| Go is an open source project. |
| |
| It is the work of hundreds of contributors. We appreciate your help! |
| |
| ## Reporting a vulnerability |
| |
| To report a new *public* vulnerability, |
| [open an issue](https://github.com/golang/vulndb/issues/new), |
| send a GitHub PR, or mail a Gerrit CL. |
| |
| Please read the |
| [Contribution Guidelines](https://golang.org/doc/contribute.html) |
| before sending patches. |
| |
| ## Contributor License Agreement |
| |
| Contributions to this project must be accompanied by a Contributor License |
| Agreement (CLA). You (or your employer) retain the copyright to your |
| contribution; this simply gives us permission to use and redistribute your |
| contributions as part of the project. Head over to |
| <https://cla.developers.google.com/> to see your current agreements on file or |
| to sign a new one. |
| |
| You generally only need to submit a CLA once, so if you've already submitted one |
| (even if it was for a different project), you probably don't need to do it |
| again. |
