From 1c9266d6521c16e126fdff0be785c81170ed4b4c Mon Sep 17 00:00:00 2001
From: Hisham Muhammad <hisham@gobolinux.org>
Date: Thu, 1 Dec 2022 12:59:04 -0300
Subject: Create SECURITY.md

---
 SECURITY.md | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..de2b983a
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,21 @@
+# Security Policy
+
+## Supported Versions
+
+The LuaRocks project supports the _latest version_ of the tool
+for bugfixes and security updates. In other words, if an
+issue is reported and we produce a fix, it will appear in a subsequent
+patch version (x.y.Z) of the tool, but we do not backport fixes
+to previous minor (x.Y.z) or major (X.y.z) versions.
+
+## Reporting a Vulnerability
+
+To report a vulnerability on the LuaRocks CLI tool, email 
+Hisham Muhammad at hisham@luarocks.org.
+
+To report a vulnerability on the https://luarocks.org website,
+email Leaf Corcoran at leafot@gmail.com.
+
+We will acknowledge your contact as soon as the message is
+received, then assess the vulnerability and get back to you
+with further feedback once analysis on our end is done.
-- 
cgit v1.2.3-55-g6feb