Commit 1a199b6

Anton Golub <antongolub@antongolub.com>
2025-07-01 14:43:12
docs: clarify security policy (#1255)
main
1 parent ddbd99c
Changed files (2)
.github
SECURITY.md
docs
lite.md
.github/SECURITY.md
@@ -0,0 +1,18 @@
+# Security Policy
+
+## Supported Versions
+| Version | Status             | Comment                                                               |
+|---------|--------------------|-----------------------------------------------------------------------|
+| 8.x     | :white_check_mark: |                                                                       | 
+| 7.x     | :warning:          | Bugs, vulnerabilities, compatibility enhancements, performance issues |
+| 6.x     | :warning:          | Critical bugs and vulnerability fixes                                 |
+| < 6.0   | :x:                | **No longer supported**, please consider upgrade options              |
+
+
+## Reporting a Vulnerability
+Please use https://g.co/vulnz to report security vulnerabilities.
+
+We use https://g.co/vulnz for our intake and triage. For valid issues we will do coordination and disclosure here on
+GitHub (including using a GitHub Security Advisory when necessary).
+
+The Google Security Team will process your report within a day, and respond within a week (although it will depend on the severity of your report).
docs/lite.md
@@ -18,5 +18,5 @@ import { $ } from 'zx'
 await $`echo foo`
 ```
 
-### Range of choices
+### Range of choice
 **tool size ← [`child_process`](https://nodejs.org/api/child_process.html) [`zurk`](https://github.com/webpod/zurk) `zx@lite` `zx`  → built-in functionality**