Merge pull request #110 from ChristianLempa:90-add-security-policy

update security file

SECURITY.md

@@ -0,0 +1,21 @@
+# Security Policy
+
+I take the security of my projects seriously. If you discover any security vulnerabilities or have concerns regarding the security of this repository, please reach out to me immediately. I appreciate your efforts in responsibly disclosing the issue and will make every effort to address it promptly.
+
+## Reporting a Vulnerability
+
+To report a security vulnerability, please email [christian.lempa@clcreative.de](mailto:christian.lempa@clcreative.de) with the following details:
+
+- A clear description of the vulnerability and its potential impact.
+- Steps or a PoC (Proof of Concept) to reproduce the vulnerability.
+- Any additional information or supporting materials that can help in understanding and addressing the issue.
+
+Please do not disclose any potential vulnerabilities in public repositories, issue trackers, or forums until I have had a chance to review and address the issue.
+
+## Scope
+
+This security policy applies to all the code and files within this repository and its dependencies actively maintained by me. If you encounter a security issue in a dependency that is not directly maintained by me, please follow responsible disclosure practices and report it to the respective project.
+
+While I strive to ensure the security of this project, please note that as an individual developer, there may be limitations on resources, response times, and mitigations.
+
+Thank you for your help in making this project more secure.