Upload files to "/"

SECURITY.md

@@ -0,0 +1,36 @@
+# Security Policy
+
+## Supported Versions
+
+We are currently supporting the following versions of jBase with security updates:
+
+| Version | Supported          | Notes |
+| ------- | ------------------ | ----- |
+| 2.x     | :white_check_mark: | Current major version |
+| 1.x     | :x:                | End of Life |
+
+## Reporting a Vulnerability
+
+We take the security of jBase seriously. If you believe you have found a security vulnerability in this framework, please report it to us as described below.
+
+**Please do not report security vulnerabilities through public GitHub issues.**
+
+### How to Report
+
+Please email the lead developer directly at: **[jbase@sven-minio.de]**
+
+Please include the following details in your report:
+* The version of jBase you are using.
+* A description of the vulnerability.
+* Steps to reproduce the issue (code snippets or a proof-of-concept are highly appreciated).
+* Any potential impact you foresee.
+
+### Our Response Policy
+
+1.  **Acknowledgment:** We will make every effort to acknowledge your report within 48 hours.
+2.  **Investigation:** We will investigate the issue and verify the vulnerability.
+3.  **Fix:** Once confirmed, we will work on a patch.
+4.  **Release:** We will release a new version (e.g., v2.0.3) containing the security fix.
+5.  **Disclosure:** After the fix is released and users have had time to update, we will publicly acknowledge your contribution (unless you wish to remain anonymous).
+
+Thank you for helping keep jBase safe for everyone!