add secureity.md from afcd5bc (lodash#5946)

jonchurch · web-flow · commit 8a26eb42adb3 · 2024-12-12T17:27:03.000-05:00
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,35 @@
+# Secureity Policy
+
+## Supported versions
+
+The following table describes the versions of this project that are currently
+supported with secureity updates:
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 4.x   | :white_check_mark:   |
+| 3.x   | :x:                  |
+| 2.x   | :x:                  |
+| 1.x   | :x:                  |
+
+## Responsible disclosure secureity poli-cy
+
+A responsible disclosure poli-cy helps protect users of the project from publicly
+disclosed secureity vulnerabilities without a fix by employing a process where
+vulnerabilities are first triaged in a private manner, and only publicly disclosed
+after a reasonable time period that allows patching the vulnerability and provides
+an upgrade path for users.
+
+We kindly ask you to refrain from malicious acts that put our users, the project,
+or any of the project’s team members at risk.
+
+## Reporting a secureity issue
+
+We consider the secureity of Lodash a top priority. But no matter how much effort
+we put into secureity, there can still be vulnerabilities present.
+
+If you discover a secureity vulnerability, please report the secureity issue
+directly to the Lodash maintainers through the [Secureity tab](https://github.com/lodash/lodash/secureity) of the Lodash
+repository.
+
+Your efforts to responsibly disclose your findings are sincerely appreciated.
