From d1b223b9ec4f5dae2d46067e72cb5d5c46f55267 Mon Sep 17 00:00:00 2001
From: Joe Constant
Date: Sun, 26 May 2024 23:05:07 -0600
Subject: [PATCH 1/3] feat: add SECURITY.md to outline security issue reporting

Add a SECURITY.md file to provide guidelines for reporting security issues. This will help in the responsible disclosure of security bugs by detailing the process for reporting vulnerabilities. It includes a link to the GitHub Security Advisory for ease of access and ensures contributors are informed about the handling of their reports.
---
 SECURITY.md | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..f9c939b
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,9 @@
+# Reporting Security Issues
+
+The Sublinks team and community take security bugs in Sublinks seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.
+
+To report a security issue, please use the GitHub Security Advisory ["Report a Vulnerability"](https://github.com/sublinks/sublinks-js-client/security/advisories/new) tab.
+
+The Sublinks Core Owner team will send a response indicating the next steps in handling your report. After the initial reply to your report, the team will keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.
+
+Report security bugs in third-party libraries/modules to the person or team maintaining the library/module.

From 68e659791ed8b430b2c8a8c732985c809562d337 Mon Sep 17 00:00:00 2001
From: Joe Constant
Date: Sun, 26 May 2024 23:07:47 -0600
Subject: [PATCH 2/3] Add CODEOWNERS files

---
 .github/CODEOWNERS | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 .github/CODEOWNERS

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..8ae7f3d
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @sublinks/sublinks-sdk-js

From 8856a0199e44f673a68266a64815bb05ffb0ede3 Mon Sep 17 00:00:00 2001
From: Joe Constant
Date: Sun, 26 May 2024 23:11:58 -0600
Subject: [PATCH 3/3] Add Dependabot

---
 .github/dependabot.yml | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..5da8682
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,27 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+ # Maintain dependencies for GitHub Actions
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "weekly"
+ rebase-strategy: "disabled"
+
+ # Maintain dependencies for npm
+ - package-ecosystem: "npm"
+ directory: "/"
+ schedule:
+ interval: "weekly"
+ rebase-strategy: "disabled"
+ groups:
+ patches:
+ patterns:
+ - "*"
+ update-types:
+ - "patch"
+
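Review bot: The single rule `* @sublinks/sublinks-sdk-js` only takes effect if that team exists in the organization and has been granted explicit write access to this repository; GitHub ignores owners that do not meet that condition and flags the line in the CODEOWNERS syntax check, so the team's access should be confirmed when this lands. On its own the file only requests reviews; it does not gate merges until branch protection or a ruleset enables "Require review from Code Owners" on the default branch, which is presumably the intent of adding it. A one-line comment above the rule, e.g. `# Enforced only when branch protection requires review from Code Owners`, would make that dependency visible to whoever edits this file next.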
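Review bot: Dependabot version updates for the `github-actions` entry only bump whatever reference form the workflow files already use, so if the workflows reference actions by mutable tag these PRs keep them on tags rather than on pinned commit SHAs; pinning actions to a full commit SHA in the workflows is what turns this config into verifiable SHA bumps, and a comment such as `# github-actions updates bump existing refs only; pin actions by full commit SHA in workflows so updates land as SHA bumps` next to the first entry would record that. The npm `groups.patches` entry collects only patch-level updates, so minor and major updates still arrive as individual PRs; that is presumably intended but worth stating in the `# Maintain dependencies for npm` comment. With `rebase-strategy: "disabled"` on both entries, open Dependabot PRs are not rebased when the base branch moves, so stale PRs need a manual rebase request before merge. The nesting of the added YAML is not recoverable from this rendering, so the structural reading above assumes the standard template layout; the hunk also appears to end with an empty added line, which yamllint flags and which can simply be dropped.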