From 74618522e511d6516d34f89547358b2cfb224494 Mon Sep 17 00:00:00 2001
From: Jukka Svahn <665186+gocom@users.noreply.github.com>
Date: Tue, 15 Oct 2024 20:18:56 +0300
Subject: [PATCH] Create SECURITY.md

---
 SECURITY.md | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..f303ec2
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,19 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+You can privately report security vulnerabilities to PHP-Textile team by opening a
+[new draft security advisory](https://github.com/textile/php-textile/security/advisories/new)
+to us on GitHub.
+
+When opening a new advisory, take the following considerations into account:
+
+* Before opening a security advisory, please try to confirm that the security
+  issue is caused by PHP-Textile, and not by third-party or configuration
+  error.
+* Provide details as to the nature of the vulnerability, and examples of the steps to
+  replicate it.
+* PHP-Textile is a free, open-source project run by volunteers, and we do not offer monetary
+  rewards or provide bug bounties for discovering security issues.
+* Due to the volunteer-nature, our response times may not be immediate. We do kindly ask to allow
+  us a reasonable amount of time to evaluate and correct the issue before making details public.