ADD: Create SECURITY.md

galantelab · Nov 17, 2024 · 92d30a7 · 92d30a7
1 parent a383ab6
commit 92d30a7
Showing 1 changed file with 36 additions and 0 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,36 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 1.1.x   | :white_check_mark: |
+| 1.0.x   | :white_check_mark: |
+| < 1.0   | :x:                |
+| dev     | :x:                |
+
+## Reporting a Vulnerability
+
+If you find a security vulnerability in our project, please follow the steps below to report it:
+
+1. **Send an email**: Send an email to [tmiller@mochsl.org.br](mailto:tmiller@mochsl.org.br) with the details of the vulnerability.
+2. **Describe the vulnerability**: Include a detailed description of the vulnerability, how it can be exploited, and the potential impacts.
+3. **Provide proof**: If possible, provide proof of concept or code examples that demonstrate the vulnerability.
+4. **Wait for our response**: We will acknowledge receipt of your report and work to resolve the vulnerability as quickly as possible.
+
+## Disclosure Policy
+
+We follow a responsible disclosure policy. This means that:
+
+- **Confidentiality**: We will keep the vulnerability confidential until a fix is implemented.
+- **Quick Fix**: We will work to fix the vulnerability as quickly as possible.
+- **Acknowledgements**: We appreciate those who report vulnerabilities responsibly and, with your permission, will give you credit in our release notes.
+
+## Support
+
+If you have any questions or need support, please contact us at [tmiller@mochsl.org.br](mailto:tmiller@mochsl.org.br).
+
+## Updates
+
+This security policy may be updated periodically. Please check regularly to stay informed about our security practices.
+