As per the linked issue, this PR adds a security policy to the repository.
The policy currently requests that vulnerabilities be reported to git [at] 0xdf.com (copied from @chzyer's GH profile) or using GitHub's private vulnerability reporting feature (currently in beta).
If you wish to use another email or just one of these alternatives, let me know and I'll gladly modify the document.
Fixes #223
As per the linked issue, this PR adds a security policy to the repository.
The policy currently requests that vulnerabilities be reported to git [at] 0xdf.com (copied from @chzyer's GH profile) or using GitHub's private vulnerability reporting feature (currently in beta).
If you wish to use another email or just one of these alternatives, let me know and I'll gladly modify the document.