From f3f604977053d00f052a4b5a67e6a068f1ca2392 Mon Sep 17 00:00:00 2001
From: Tim Schilling <schillingt@better-simple.com>
Date: Mon, 16 Dec 2024 03:07:04 -0600
Subject: [PATCH] Adopt a basic security policy (#2040)

This informs users to submit security reports through GitHub's private vulnerability mechanism.
---
 SECURITY.md | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..31750a749
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,9 @@
+# Security Policy
+
+## Supported Versions
+
+Only the latest version of django-debug-toolbar [![PyPI version](https://badge.fury.io/py/django-debug-toolbar.svg)](https://pypi.python.org/pypi/django-debug-toolbar) is supported.
+
+## Reporting a Vulnerability
+
+If you think you have found a vulnerability, and even if you are not sure, please [report it to us in private](https://github.com/django-commons/django-debug-toolbar/security/advisories/new). We will review it and get back to you. Please refrain from public discussions of the issue.