From b17458d24a13b74ec954d9eff3ecfd67f41ae6ac Mon Sep 17 00:00:00 2001
From: Stefanni Brasil <stefannibrasil@proton.me>
Date: Fri, 16 Aug 2024 12:36:03 -0600
Subject: [PATCH] Add security.yml and SECURITY.md
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

We’re committed to protecting our systems, information, and our client’s information.

One of the ways we can enforce that in our OS projects is to provide a way to report a Vulnerability.

Add a dynamic security workflow that will automatically create PRs to update our Security policies in this repo.
---
 .github/workflows/dynamic-security.yml | 19 +++++++++++++++++++
 SECURITY.md                            |  3 +++
 2 files changed, 22 insertions(+)
 create mode 100644 .github/workflows/dynamic-security.yml
 create mode 100644 SECURITY.md

diff --git a/.github/workflows/dynamic-security.yml b/.github/workflows/dynamic-security.yml
new file mode 100644
index 0000000..841e317
--- /dev/null
+++ b/.github/workflows/dynamic-security.yml
@@ -0,0 +1,19 @@
+name: update-security
+
+on:
+  push:
+    paths:
+      - SECURITY.md
+    branches:
+      - main
+  workflow_dispatch:
+
+jobs:
+  update-security:
+    permissions:
+      contents: write
+      pull-requests: write
+      pages: write
+    uses: thoughtbot/templates/.github/workflows/dynamic-security.yaml@main
+    secrets:
+      token: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..0dfe711
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,3 @@
+<!-- START /templates/security.md -->
+
+<!-- END /templates/security.md -->
\ No newline at end of file