add zsh

1 files changed, 24 insertions, 0 deletions

diff --git a/oh-my-zsh/SECURITY.md b/oh-my-zsh/SECURITY.md
new file mode 100644
index 0000000..7e5c8ee
--- /dev/null
+++ b/oh-my-zsh/SECURITY.md
@@ -0,0 +1,24 @@
+# Security Policy
+
+## Supported Versions
+
+At the moment Oh My Zsh only considers the very latest commit to be supported.
+We combine that with our fast response to incidents and the automated updates
+to minimize the time between vulnerability publication and patch release.
+
+| Version        | Supported          |
+|:-------------- |:------------------ |
+| master         | :white_check_mark: |
+| other commits  | :x:                |
+
+In the near future we will introduce versioning, so expect this section to change.
+
+## Reporting a Vulnerability
+
+**Do not submit an issue or pull request**: this might reveal the vulnerability.
+
+Instead, you should email the maintainers directly at: [**security@ohmyz.sh**](mailto:security@ohmyz.sh).
+
+We will deal with the vulnerability privately and submit a patch as soon as possible.
+
+You can also submit your vulnerability report to [huntr.dev](https://huntr.dev/bounties/disclose/?utm_campaign=ohmyzsh%2Fohmyzsh&utm_medium=social&utm_source=github&target=https%3A%2F%2Fgithub.com%2Fohmyzsh%2Fohmyzsh) and see if you can get a bounty reward.