From 0abad85a17ba75c0fb431feea7a6a06125341a99 Mon Sep 17 00:00:00 2001
From: Matt Davis <mrd@redhat.com>
Date: Mon, 11 Jul 2022 15:31:43 -0700
Subject: [PATCH] security disclosure docs

---
 .github/SECURITY.md | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 .github/SECURITY.md

diff --git a/.github/SECURITY.md b/.github/SECURITY.md
new file mode 100644
index 00000000..7d4f8bc3
--- /dev/null
+++ b/.github/SECURITY.md
@@ -0,0 +1,10 @@
+# PyYAML Security Policy
+
+## Reporting a Suspected Vulnerability
+
+The PyYAML project encourages responsible disclosure of suspected security
+vulnerabilities. However, we do not offer bug bounties, paid disclosure, or
+paid fixes for discovered vulnerabilities. To report a suspected security
+vulnerability, please e-mail details to <security@pyyaml.org> without creating
+public issues, pull requests, or discussion. Non-security correspondence to
+this address will be ignored.