diff --git a/.github/SECURITY.md b/.github/SECURITY.md new file mode 100644 index 00000000..1ae778a9 --- /dev/null +++ b/.github/SECURITY.md @@ -0,0 +1,19 @@ +# Security Policy + +## Supported Versions + +We only support the latest production version, deployed to . +See the [releases page](https://github.com/minetest/contentdb/releases). + +## Reporting a Vulnerability + +We ask that you report vulnerabilities privately, by contacting rubenwardy, +to give us time to fix them. You can do that by using one of the methods outlined in the following link: + +* https://rubenwardy.com/contact/ + +Depending on severity, we will either create a private issue for the vulnerability +and release a security update, or give you permission to file the issue publicly. + +For more information on the justification of this policy, see +[Responsible Disclosure](https://en.wikipedia.org/wiki/Responsible_disclosure).