From 234539bc18f0caf37ec5e456709262483db7df0a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=CD=A1urendra=20S=CD=A1id=20-=20AR?= <105810226+AR-sslink@users.noreply.github.com> Date: Thu, 14 Sep 2023 07:29:27 +0530 Subject: [PATCH] Create SECURITY.md Here's a SECURITY.md file you can include in your repository. This file provides information about how to report security vulnerabilities and responsible disclosure. --- SECURITY.md | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000000..22025eaa40c7 --- /dev/null +++ b/SECURITY.md 
@@ -0,0 +1,55 @@ +# Security Policy + +## Supported Versions + +Use this section to tell people about which versions of your project are +currently being supported with security updates. + +| Version | Supported | +| ------- | ------------------ | +| 5.1.x | :white_check_mark: | +| 5.0.x | :x: | +| 4.0.x | :white_check_mark: | +| < 4.0 | :x: | + +## Reporting a Security Vulnerability + +Use this section to tell people how to report a vulnerability. + +Tell them where to go, how often they can expect to get an update on a +reported vulnerability, what to expect if the vulnerability is accepted or +declined, etc. + +At TheAlgorithm/Python, we take security seriously and value the contributions of ethical hackers and the security community in helping us maintain the security of our open-source projects. If you believe you have discovered a security vulnerability in this project or any related software or dependencies, we encourage you to responsibly disclose it to us. + +Please follow these guidelines when reporting security vulnerabilities: + +1. **Do Not Publicly Disclose:** Please do not publicly disclose the security issue or details until we've had a chance to review and address it. + +2. **Submit a Report:** To report a security vulnerability, please email us at [security@example.com](mailto:security@example.com) with a detailed description of the issue, including any relevant logs, screenshots, and steps to reproduce the vulnerability. Please encrypt sensitive information using our PGP key: [link-to-pgp-key](link-to-pgp-key). + +3. **Responsible Disclosure:** We kindly request that you allow us time to review and address your report before disclosing it to others. We aim to acknowledge your report within 48 hours and will work with you to resolve the issue promptly. + +4. **Provide Contact Information:** Include your contact information, such as your name and email address, so we can get in touch with you to coordinate the resolution of the vulnerability. + +5. 
**Cooperate with Us:** Work with us to provide any additional information or clarifications as needed to assess and resolve the issue. + +## Security Updates + +We are committed to addressing security vulnerabilities promptly. Once a security vulnerability is confirmed and fixed, we will: + +- Release a new version or patch containing the fix. +- Provide credit to the security researcher, if desired, in the release notes or acknowledgments. + +## Vulnerability Disclosure Policy + +We follow responsible disclosure practices, which means that we aim to: + +- Promptly acknowledge receipt of your report. +- Keep you informed of our progress in addressing the issue. +- Release a fix in a timely manner. +- Coordinate with you on the disclosure timeline, which typically involves waiting until a fix is available before making any public disclosures. + +Thank you for helping us keep our project and users secure. Your efforts are greatly appreciated! + +---
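Review bot: The reporting channel in item 2 is still a placeholder, so as written this file would route vulnerability reports to a non-existent mailbox and a dead link: `[security@example.com](mailto:security@example.com)` and `[link-to-pgp-key](link-to-pgp-key)` need to be replaced with a monitored address (or the repository's private vulnerability reporting, if enabled) and a real key URL or fingerprint before this is merged. The file also ships the unfilled GitHub template next to the real policy: the instructional sentences ("Use this section to tell people about which versions of your project are currently being supported with security updates.", "Use this section to tell people how to report a vulnerability.", "Tell them where to go, how often they can expect to get an update...") and the sample version table (5.1.x, 5.0.x, 4.0.x, < 4.0) should be deleted or replaced with this project's actual supported-version policy, otherwise readers cannot tell which versions really receive fixes. Finally, confirm that the project name in "At TheAlgorithm/Python, we take security seriously..." matches the repository's actual name, and consider stating the 48-hour acknowledgement commitment from item 3 once rather than restating it as "Promptly acknowledge receipt" under the disclosure policy, so the two sections cannot drift apart.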