diff --git a/.github/workflows/dynamic-security.yml b/.github/workflows/dynamic-security.yml new file mode 100644 index 0000000000..26a424dcb2 --- /dev/null +++ b/.github/workflows/dynamic-security.yml @@ -0,0 +1,19 @@ +name: update-security + +on: + push: + paths: + - SECURITY.md + branches: + - main + workflow_dispatch: + +jobs: + update-security: + permissions: + contents: write + pull-requests: write + pages: write + uses: thoughtbot/templates/.github/workflows/dynamic-security.yaml@main + secrets: + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/SECURITY.md b/SECURITY.md index c2fd1c7675..9b63758ce3 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,14 +1,2 @@ -# Security Policy - -## Supported Versions - -Only the the latest version of Administrate is supported at a given time. If you find -a security issue with an older version, please try updating to the latest version first. - -If for some reason you can't update to the latest version, please let us know your reasons -so that we can have a better understanding of your situation. - -## Reporting a Vulnerability - -For security inquiries or vulnerability reports, please email security@thoughtbot.com. -If you'd like, you can use our PGP key when reporting vulnerabilities. + +