v4.33.0 - boundation, changelog, version bump

.github/FUNDING.yml

@@ -3,4 +3,5 @@ patreon: bevry
 open_collective: bevry
 ko_fi: balupton
 liberapay: bevry
+tidelift: npm/badges
 custom: ['https://bevry.me/fund']

HISTORY.md

@@ -1,5 +1,9 @@
 # History
 
+## v4.33.0 2023 November 14
+
+-   Updated dependencies, [base files](https://github.com/bevry/base), and [editions](https://editions.bevry.me) using [boundation](https://github.com/bevry/boundation)
+
 ## v4.32.0 2023 November 13
 
 -   Updated dependencies, [base files](https://github.com/bevry/base), and [editions](https://editions.bevry.me) using [boundation](https://github.com/bevry/boundation)

README.md

@@ -181,23 +181,23 @@ If you want to render badges inside your own project's readme files, check out t
 
 ``` html
 <script type="module">
-    import * as pkg from '//cdn.skypack.dev/badges@^4.32.0'
+    import * as pkg from '//cdn.skypack.dev/badges@^4.33.0'
 </script>
 ```
 
 <a href="https://unpkg.com" title="unpkg is a fast, global content delivery network for everything on npm"><h3>unpkg</h3></a>
 
 ``` html
 <script type="module">
-    import * as pkg from '//unpkg.com/badges@^4.32.0'
+    import * as pkg from '//unpkg.com/badges@^4.33.0'
 </script>
 ```
 
 <a href="https://jspm.io" title="Native ES Modules CDN"><h3>jspm</h3></a>
 
 ``` html
 <script type="module">
-    import * as pkg from '//dev.jspm.io/badges@4.32.0'
+    import * as pkg from '//dev.jspm.io/badges@4.33.0'
 </script>
 ```
 

SECURITY.md

@@ -0,0 +1,21 @@
+# Security Policy
+
+## Security Practices
+
+This project meets standardized secure software development practices, including 2FA for all members, password managers with monitoring, secure secret retrieval instead of storage. [Learn more about our practices.](https://tidelift.com/funding/github/npm/badges)
+
+## Supported Versions
+
+This project uses [Bevry's automated tooling](https://github.com/bevry/boundation) to deliver the latest updates, fixes, and improvements inside the latest release while still maintaining widespread ecosystem compatibility.
+
+[Refer to supported ecosystem versions: `Editions` section in `README.md`.](https://github.com/bevry/badges/blob/master/README.md#Editions)
+
+[Refer to automated support of ecosystem versions: `boundation` entries in `HISTORY.md`.](https://github.com/bevry/badges/blob/master/HISTORY.md)
+
+Besides testing and verification, out CI also [auto-merges](https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions) [Dependabot security updates](https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates) and [auto-publishes](https://github.com/bevry-actions/npm) successful builds of the [`master` branch](https://github.com/bevry/wait/actions?query=branch%3Amaster) to the [`next` version tag](https://www.npmjs.com/package/badges?activeTab=versions), offering immediate resolutions before scheduled maintenance releases.
+
+## Reporting a Vulnerability
+
+[Report the vulnerability to the project owners.](https://github.com/bevry/badges/security/advisories)
+
+[Report the vulnerability to Tidelift.](https://tidelift.com/security)