From dbe76bb75d597401d33ef428d79540797e9297b3 Mon Sep 17 00:00:00 2001
From: David Lord <davidism@gmail.com>
Date: Mon, 8 Feb 2021 18:20:48 -0800
Subject: [PATCH] add security policy

copy from pallets/.github repo
github was using docs/security.rst by mistake
---
 .github/SECURITY.md | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 .github/SECURITY.md

diff --git a/.github/SECURITY.md b/.github/SECURITY.md
new file mode 100644
index 00000000..fcfac71b
--- /dev/null
+++ b/.github/SECURITY.md
@@ -0,0 +1,19 @@
+# Security Policy
+
+If you believe you have identified a security issue with a Pallets
+project, **do not open a public issue**. To responsibly report a
+security issue, please email security@palletsprojects.com. A security
+team member will contact you acknowledging the report and how to
+continue.
+
+Be sure to include as much detail as necessary in your report. As with
+reporting normal issues, a minimal reproducible example will help the
+maintainers address the issue faster. If you are able, you may also
+include a fix for the issue generated with `git format-patch`.
+
+The current and previous release will receive security patches, with
+older versions evaluated based on usage information and severity.
+
+After fixing an issue, we will make a security release along with an
+announcement on our blog. We may obtain a CVE id as well. You may
+include a name and link if you would like to be credited for the report.