diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..ee9f073 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,25 @@ +# Security Policy + +## Supported Versions + +All MAJOR versions of this package will receive security updates for **two years after the next major version is released**. For example, if version 4.0.0 is released, version 3.x will continue receiving security updates for two years from that date. + +Versions outside this window are considered end-of-life and will no longer receive updates, even for critical vulnerabilities. + +## Reporting a Vulnerability + +If you discover a security issue, please report it using GitHub's [**"Report a vulnerability"** feature](../../security/advisories/new) under the **Security** tab of this repository. + +When reporting, please include the following information to help us investigate quickly and thoroughly: + +- A clear description of the vulnerability and what part of the code it affects. +- Steps to reproduce the issue, ideally including: + - The affected version + - A code snippet or minimal test case + - The expected vs. actual behavior +- If applicable, an explanation of potential impact or severity. +- Any suggested mitigations or patches (optional, but appreciated). + +Please do not disclose the vulnerability publicly until we've had a chance to investigate and publish a fix. + +We appreciate responsible disclosure and are committed to resolving issues promptly. diff --git a/example/04-type-safety-arrays.php b/example/04-type-safety-arrays.php index 57cc074..83bc1d5 100644 --- a/example/04-type-safety-arrays.php +++ b/example/04-type-safety-arrays.php @@ -1,5 +1,4 @@
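Review bot: In the "Reporting a Vulnerability" section of SECURITY.md, the link target `../../security/advisories/new` is relative, so it only resolves when the file is rendered at the expected depth inside this repository's web view. In a mirrored copy, a package registry page or a local checkout it points nowhere. Suggest using the absolute advisory URL for the repository. The same section also gives reporters no timeframe: "resolving issues promptly" and "until we've had a chance to investigate and publish a fix" leave both the acknowledgement window and the embargo length open. Stating an expected acknowledgement time and a disclosure deadline would let reporters know when silence means the report was missed. In "Supported Versions", the rule is stated only in the abstract (the 4.0.0 / 3.x example); a short table of the majors currently supported with their end-of-life dates would save readers from working out the window from release history.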