The release schedule and support windows in `SECURITY.md` were still
referring to the pre-1.0 policy. The new policy is not drastically
different from a security perspective, but did need updating to mention
the overlapping support window for the previous major version.
* drop terra reference in SECURITY.md
Signed-off-by: Paul S. Schweigert <paul@paulschweigert.com>
* drop additional terra reference
Signed-off-by: Paul S. Schweigert <paul@paulschweigert.com>
---------
Signed-off-by: Paul S. Schweigert <paul@paulschweigert.com>
This commit adds a SECURITY.md file to the repository to document the
security policy for the project. We recently enabled the private security
advisories feature on the repository (which is a relatively new "beta"
feature in github). Since we now have a place to privately raise potential
security issues it is good to have a documented policy on how security
vulnerabilities should be reported and our support policy for
the versions we will fix (which is just the latest release series). Over time
we can adjust this policy as needed.
Co-authored-by: Eric Arellano <14852634+Eric-Arellano@users.noreply.github.com>
Co-authored-by: Matthew Treinish <mtreinish@kortar.org>