docs: Create SECURITY.md

Stranger6667 · web-flow · commit b195dbfd419e · 2025-06-24T22:10:04.000+02:00
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,21 @@
+# Security Policy
+
+## Supported Versions
+
+`css-inline` provides security updates only for the latest minor version.
+
+## Reporting a Vulnerability
+
+To report a security vulnerability in `css-inline`:
+
+1. Email your findings to dmitry@dygalo.dev.
+2. Provide a detailed description of the vulnerability and steps to reproduce it.
+3. If possible, include a suggested fix or mitigation.
+
+You can expect an initial response within a few days of your report.
+
+## Disclosure Policy
+
+There is no formal process for disclosing fixed vulnerabilities. Updates will be released as part of regular patch versions, and significant security fixes will be noted in the release notes.
+
+Thank you for helping keep `css-inline` and its users safe!
