app-template/docs/SECURITY.md

# Security Policy

## Reporting a Vulnerability

If there are any vulnerabilities in **${REPO_NAME}**, don't hesitate to _report them_.

1. Use any of the [private contact addresses](https://github.com/${REPO_OWNER}/${REPO_NAME}#support).
2. Describe the vulnerability.

   If you have a fix, that is most welcome -- please attach or summarize it in your message!

3. We will evaluate the vulnerability and, if necessary, release a fix or mitigating steps to address it. We will contact you to let you know the outcome, and will credit you in the report.

   Please **do not disclose the vulnerability publicly** until a fix is released!

4. Once we have either a) published a fix, or b) declined to address the vulnerability for whatever reason, you are free to publicly disclose it.
Initial commit 2022-02-27 16:45:06 +00:00			`# Security Policy`

			`## Reporting a Vulnerability`

			`If there are any vulnerabilities in ${REPO_NAME}, don't hesitate to _report them_.`

			`1. Use any of the [private contact addresses](https://github.com/${REPO_OWNER}/${REPO_NAME}#support).`
			`2. Describe the vulnerability.`

			`If you have a fix, that is most welcome -- please attach or summarize it in your message!`

			`3. We will evaluate the vulnerability and, if necessary, release a fix or mitigating steps to address it. We will contact you to let you know the outcome, and will credit you in the report.`

			`Please do not disclose the vulnerability publicly until a fix is released!`

			`4. Once we have either a) published a fix, or b) declined to address the vulnerability for whatever reason, you are free to publicly disclose it.`