From a6b0d4abbc595759d1f728ef15dc7eb6abeb9931 Mon Sep 17 00:00:00 2001
From: Jose Luis Leon <joseluis5000l@gmail.com>
Date: Fri, 3 Nov 2023 22:04:35 -0500
Subject: [PATCH] docs(security): Add security policy (#215)

---
 SECURITY.md | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..313aa99
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,16 @@
+# Security Policy
+
+## Supported Versions
+
+The matrix below shows which versions are currently being supported with security updates.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 3.x.x   | :white_check_mark: |
+| < 3.0   | :x:                |
+
+## Reporting a Vulnerability
+
+This project has Snyk and CodeQL configured on the workflow and running constantly to help prevent security vulnerabilities. However, if you were to find a vulnerability, please create a GitHub [issue](https://github.com/JoseLion/maybe/issues/new) explaining the problem. Adding as many details as possible will help to tackle the problem swiftly.
+
+Given the vulnerability report is accepted, it'll have a high priority to be worked next. A new version will be released as soon as the vulnerability fix is merged. If the vulnerability report is declined, you can expect a clear and logical explanation, but if you think the reasons are not right or not enough, feel free to leave a comment on the reported issue.