# Contributing to OWASP dependency-check

## Reporting Bugs

- Ensure you're running the latest version of dependency-check.
- Ensure the bug has not [already been reported](https://github.com/jeremylong/DependencyCheck/issues).
- If you're unable to find an open issue addressing the problem, please [submit a new issue](https://github.com/jeremylong/DependencyCheck/issues/new).
  - Please fill out the appropriate section of the bug report template provided. Please delete any sections not needed in the template.
  
## Reporting Vulnerabilities

- If you believe you have found a vulnerability in dependency-check itself (not that dependency-check found a vulnerability); please email jeremy.long@owasp.org.

## Asking Questions

- Your question may be answered by taking a look at the [documentataion](https://jeremylong.github.io/DependencyCheck/).
- If you still have a question consider:
  - posting to the [Google Group](https://groups.google.com/forum/#!forum/dependency-check)
  - opening a [new issue](https://github.com/jeremylong/DependencyCheck/issues/new)

## Enhancement Requests

- Suggest changes by [submitting a new issue](https://github.com/jeremylong/DependencyCheck/issues/new) and begin coding.

## Contributing Code

- If you have written a new feature or have fixed a bug please open a new pull request with the patch.
- Ensure the PR description clearly describes the problem and solution. Include any related issue number(s) if applicable.
- Please ensure the PR passes the automated checks performed (travis-ci, codacy, etc.)
- Please consider adding test cases for any new functionality

## Thank you for your contributions

OWASP dependency-check team