From f65c0e31e6fdea4a0e57fc3dc432149ae72e5a66 Mon Sep 17 00:00:00 2001
From: SilverStars03 <142466699+SilverStars03@users.noreply.github.com>
Date: Fri, 18 Aug 2023 17:07:18 -0500
Subject: [PATCH 1/2] Create SECURITY.md

---
 SECURITY.md | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000000..034e848032
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,21 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 5.1.x   | :white_check_mark: |
+| 5.0.x   | :x:                |
+| 4.0.x   | :white_check_mark: |
+| < 4.0   | :x:                |
+
+## Reporting a Vulnerability
+
+Use this section to tell people how to report a vulnerability.
+
+Tell them where to go, how often they can expect to get an update on a
+reported vulnerability, what to expect if the vulnerability is accepted or
+declined, etc.

From 7713c0f200bfe34702a42b9793255a1c1372b1ce Mon Sep 17 00:00:00 2001
From: fengmk2 <suqian.yf@antgroup.com>
Date: Sun, 21 Jan 2024 21:27:46 +0800
Subject: [PATCH 2/2] Update SECURITY.md

---
 SECURITY.md | 17 ++++++-----------
 1 file changed, 6 insertions(+), 11 deletions(-)

diff --git a/SECURITY.md b/SECURITY.md
index 034e848032..92c0187f62 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -2,20 +2,15 @@
 
 ## Supported Versions
 
-Use this section to tell people about which versions of your project are
-currently being supported with security updates.
+These versions are currently being supported with security updates.
 
 | Version | Supported          |
 | ------- | ------------------ |
-| 5.1.x   | :white_check_mark: |
-| 5.0.x   | :x:                |
-| 4.0.x   | :white_check_mark: |
-| < 4.0   | :x:                |
+| 3.x     | :white_check_mark: |
+| 2.x     | :white_check_mark: |
+| < 2.0   | :x:                |
 
 ## Reporting a Vulnerability
 
-Use this section to tell people how to report a vulnerability.
-
-Tell them where to go, how often they can expect to get an update on a
-reported vulnerability, what to expect if the vulnerability is accepted or
-declined, etc.
+To report a security vulnerability, please do not open an issue, as this notifies attackers of the vulnerability.
+Instead, please email [fengmk2](mailto:fengmk2+eggjs-security@gmail.com) to disclose.