From 0ddf1d945070ca9c8f11b8d68622e97f2a3954dd Mon Sep 17 00:00:00 2001
From: Ben McGarry <9434920+BenMcGarry@users.noreply.github.com>
Date: Sat, 25 Apr 2020 00:29:48 +0100
Subject: [PATCH] Create SECURITY.md (#5214)

* Create SECURITY.md
---
 SECURITY.md | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000000..28ffc1cbc1
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,27 @@
+# Security Policy
+
+This is the security/disclosure policy for Reddit Enhancement Suite, it covers all repositories that are related to the core project. We appreciate all disclosures related to the project.
+
+As we are a community developed project, we are unable to offer rewards for disclosures.
+
+## Supported Versions
+
+We support the latest version of RES on all supported browsers. Please see below for a complete list.
+
+| Browser | Supported          |
+| ------- | ------------------ |
+| Google Chrome   | :white_check_mark: |
+| Mozilla Firefox   | :white_check_mark:                |
+| Mozilla Firefox ESR 78   | :white_check_mark:                |
+| Mozilla Firefox ESR 68   | :grey_question:*                |
+| Microsoft Edge   | :x:                |
+| Microsoft Edge Chromium  | :white_check_mark:                |
+| Safari  | :x:                |
+
+Mozilla Firefox ESR 68: We will backport depending on the impact of the vulnerability.
+
+## Reporting a Vulnerability
+
+In order to report a vulnerability, please send an initial email to: ben@redditenhancementsuite.com and we will respond confirming the report. A public PGP key will be provided for future communications. Please provide as much detail as possible for initial triage, if you would rather report under the PGP key please let us know on the email above.
+
+We will aim to respond in 24 hours, if you do not get a response in this timeframe place raise a GitHub issue stating you are having problems contacting us.