From b5b619d51a6b7e8af96d96348c87eea648e86096 Mon Sep 17 00:00:00 2001
From: Visne <39844191+Visne@users.noreply.github.com>
Date: Thu, 9 Mar 2023 23:01:40 +0100
Subject: [PATCH] Add SECURITY.md (#14551)

---
 .github/ISSUE_TEMPLATE/config.yml | 6 +++---
 SECURITY.md                       | 9 +++++++++
 2 files changed, 12 insertions(+), 3 deletions(-)
 create mode 100644 SECURITY.md

diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
index d9011765aac..09c9e76b193 100644
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -1,7 +1,7 @@
 contact_links:
-  - name: Report a Security Exploit
-    url: https://discord.gg/MwDDf6t
-    about: Please report serious security exploits and vulnerabilities to @PJB3005 (PJB#3005/97089048065097728 on Discord).
+  - name: Report a Security Vulnerability
+    url: https://github.com/space-wizards/space-station-14/blob/master/SECURITY.md
+    about: Please report security vulnerabilities privately so we can fix them before they are publicly disclosed.
   - name: Request a Feature
     url: https://discord.gg/rGvu9hKffJ
     about: Submit feature requests on our Discord server (https://discord.gg/rGvu9hKffJ).
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000000..38197078a31
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,9 @@
+# Reporting a security vulnerability
+You can report a security vulnerability through Discord or through email.
+
+If you want to send an email, you can contact us at <telecommunications@spacestation14.com>.
+If you want to contact us through Discord, you can join [our server](https://discord.gg/MwDDf6t)
+and then **privately** message anyone with the `@Wizard` or `@SS14 Maintainer` role.
+
+In either case, **do not publicly disclose the vulnerability until we explicitly give
+you permission to do so**.