Merge pull request #1383 from Kushal997-das/Kushal997-das-patch-34

Create SECURITY.md
Kushal997-das · Oct 7, 2024 · e160fd7 · e160fd7
2 parents 3d9751c + d8685d9
commit e160fd7
Showing 1 changed file with 28 additions and 0 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,28 @@
+# Security Policy
+
+## Supported Versions
+
+This section outlines the versions of the project currently receiving security updates.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 5.1.x   | :white_check_mark: |
+| 5.0.x   | :x:                |
+| 4.0.x   | :white_check_mark: |
+| < 4.0   | :x:                |
+
+## Reporting a Vulnerability
+
+If you discover a potential security vulnerability, please report it to us promptly. Here’s how you can do so:
+
+1. **Submit a Report:** Send an email to [email protected] with a detailed description of the vulnerability, including any relevant steps to reproduce the issue. Please include your contact information so we can follow up if needed.
+
+2. **Response Time:** We aim to acknowledge all reports within **48 hours**. Our team will review the details you provide and assess the severity of the vulnerability.
+
+3. **Updates:** Once a vulnerability is accepted for investigation, we will provide updates on our progress every **7 days**. If a vulnerability is declined, we will inform you of the reasons for our decision.
+
+4. **Resolution Process:** If your reported vulnerability is accepted, we will work to address it as quickly as possible. Once a fix is implemented, we will communicate with you before any public disclosure to ensure you are informed.
+
+5. **Responsible Disclosure:** We appreciate your cooperation in following responsible disclosure practices. Please do not disclose the vulnerability publicly until we have released a fix and communicated it to you.
+
+Thank you for helping us keep our project secure!