Add security policy

Author: thibaudcolas

.github/SECURITY.md

@@ -0,0 +1 @@
+To report vulnerabilities, please refer to the project’s [security policy](https://torchbox.github.io/django-pattern-library/community/security-policy/) on our website.

docs/community/security-policy.md

@@ -0,0 +1,11 @@
+# Security policy
+
+We take security issues seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.
+
+## Supported versions
+
+This project doesn’t have formal support targets for non-latest versions. Backporting security fixes to affected releases will be decided on a case-by-case basis, based on effort involved and known usage of affected versions. Please refer to our [compatibility documentation](https://torchbox.github.io/django-pattern-library/getting-started/#compatibility) when reporting issues specific to certain versions of Django or Python.
+
+### Reporting a vulnerability
+
+To report a vulnerability, please contact any one of the named authors in the package’s [pyproject.toml](https://github.com/torchbox/django-pattern-library/blob/main/pyproject.toml).

mkdocs.yml

@@ -54,4 +54,5 @@ nav:
     - 'Related projects': 'reference/related-projects.md'
   - 'Community':
     - 'Code of conduct': 'community/code-of-conduct.md'
+    - 'Security policy': 'community/security-policy.md'
   - 'Online demo': '/django-pattern-library/demo/pattern-library/'