add security policy (#1257)

* init security policy * add email and pgp key * language
Kwenta · Aug 10, 2022 · 3f6b621 · 3f6b621
1 parent 76b36b6
commit 3f6b621
Showing 1 changed file with 35 additions and 0 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,35 @@
+# Security Policy
+
+## Supported Versions
+
+Please have a look at [Releases](https://github.com/Kwenta/kwenta/releases). We recommend using the most recently released version.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 3.x.x   | :white_check_mark: |
+| 2.x.x   | :x:                |
+
+## Reporting a Vulnerability
+
+Please send vulnerability reports to [email protected] and encrypt sensitive messages using our PGP key.
+
+Please do not file a public ticket mentioning the vulnerability, as doing so could increase the likelihood of the vulnerability being exploited before a fix has been created and released.
+
+```
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: OpenPGP.js v4.10.10
+Comment: https://openpgpjs.org
+
+xjMEYvEiWBYJKwYBBAHaRw8BAQdAjs0DpOJQm/bTF9aKJjEFsKR177julOvK
+SBqeFmalkA7NI2t3ZW50YUBwcm90b24ubWUgPGt3ZW50YUBwcm90b24ubWU+
+wo8EEBYKACAFAmLxIlgGCwkHCAMCBBUICgIEFgIBAAIZAQIbAwIeAQAhCRBH
+cLXaun2i+xYhBDfYNsrP0erBkj2H1kdwtdq6faL7l00BAKrtIsTseUz8PjRg
+5dqx3GvsBa6y5uyw72DnXe0YTzC3AQDAor8OFqN0EyrbjzY+wCtWF2RA8euM
+afA1rqbkuJZGAc44BGLxIlgSCisGAQQBl1UBBQEBB0C5vwKrTj95esmVlepe
+QSIPlHPbMRn9ORCdme1x+gTiTwMBCAfCeAQYFggACQUCYvEiWAIbDAAhCRBH
+cLXaun2i+xYhBDfYNsrP0erBkj2H1kdwtdq6faL7v0UBAJ4R3Z1EPonxQOu/
+l0tKx8gqT/qpmIZ8EaQJqBr/RLc5AQCoYaggo4MZh0Bg+K0rXrszLF/FnzZY
+Owcx56Dt6XQ9Bw==
+=vWd9
+-----END PGP PUBLIC KEY BLOCK-----
+```