From 0520c2e30934a6e01b27988dca5bbbe3511d6868 Mon Sep 17 00:00:00 2001
From: Marc Cornellà <hello@mcornella.com>
Date: Wed, 3 Nov 2021 18:21:04 +0100
Subject: docs: add Security Policy

---
 SECURITY.md | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..cda53379f
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,22 @@
+# Security Policy
+
+## Supported Versions
+
+At the moment Oh My Zsh only considers the very latest commit to be supported.
+We combine that with our fast response to incidents, so risk is minimized.
+
+| Version        | Supported          |
+|:-------------- |:------------------ |
+| master         | :white_check_mark: |
+| other commits  | :x:                |
+
+In the near future we will introduce versioning, so expect this section to change.
+
+## Reporting a Vulnerability
+
+If you find a vulnerability, email all the maintainers directly at:
+
+- Robby: robby [at] planetargon.com
+- Marc: hello [at] mcornella.com
+
+**Do not open an issue or Pull Request directly**, because it might reveal the vulnerability.
-- 
cgit v1.2.3-70-g09d2