Update security policy

[Hans5958]

This PR updates the security policy based on the main repo and adds the security.txt file.

Related: ScratchAddons/ScratchAddons#5307

[WorldLanguages]

Should we set reminders every month to update the Expires value, or will it be automated in some way?

[Hans5958]

I would automate this on website build, but the one on the repository would be updated every year.

[WorldLanguages]

This PR updates the security policy based on the main repo

I already made the commit directly to the master branch about 30 mins ago.

[Hans5958]

I just did 71ac6130dc11c42f70e63badc82671f1af8eb3b7, and I then read that comment, man you played me like a damn fiddle

No wonder that commit won't appear on master

I'm not sure why you need to hold it, the script will take time to make. This PR is supposed for the .txt and the policy, and the reason I haven't merge this because I'm just waiting for the policy to be ready. The script can hold on later!

[WorldLanguages]

Sorry! After SECURITY.md was changed on the SA/SA repo, I pushed the updated one into the docs. I then remembered this PR existed and sent that comment.

I'm not sure why you need to hold it

I don't think I understand what you meant by this.

[Hans5958]

Hold it, as in, waiting to merge it.

With the security policy being updated directly, you can just merge this since it's basically ready (it wasn't ready beforehand since it needs to wait for the security policy to be ready), but you didn't.

[WorldLanguages]

I wasn't sure if it made sense to merge a security.txt file that was going to expire in under a week.