From fd700cf6909cb4cc5f5eac9203bcdd92a2f1e1b1 Mon Sep 17 00:00:00 2001 From: Jens Papenhagen Date: Tue, 30 Jun 2026 21:23:25 +0200 Subject: [PATCH] Create SECURITY.md --- SECURITY.md | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..9edc9a8 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,34 @@ +# Security Policy + +## Supported Versions + +Only the latest release on Maven Central receives security updates. +Patch releases are cut as needed for vulnerabilities. + +| Version | Supported | +|---------|--------------------| +| 2.x | :white_check_mark: | +| < 2.0 | :x: | + +## Reporting a Vulnerability + +We take security bugs seriously. If you discover a vulnerability in JToon, +please report it privately before disclosing it publicly. + +**How to report:** + +1. Open a security advisory at: + +2. Alternatively, email the maintainers via the contact information on + the [GitHub profile](https://github.com/toon-format). + +You should receive a response within very soon. If you don't, please +follow up to ensure your message was received. + +**What to include:** + +- A clear description of the vulnerability +- Steps to reproduce (PoC preferred) +- Affected versions +- Potential impact +- Any suggested fix (if available)