From ab74b03cc168856b32744562b8982609b990e5f1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mikl=C3=B3s=20Fazekas?= <mfazekas@szemafor.com>
Date: Mon, 6 Feb 2023 08:25:51 +0100
Subject: doc: use github private vunerability reporting

---
 README.md   | 4 +---
 SECURITY.md | 4 ++++
 2 files changed, 5 insertions(+), 3 deletions(-)
 create mode 100644 SECURITY.md

diff --git a/README.md b/README.md
index ab16913..19e53be 100644
--- a/README.md
+++ b/README.md
@@ -249,9 +249,7 @@ gem cert --add net-ssh-public_cert.pem
 
 ## Security contact information
 
-To report a security vulnerability, please use the
-[Tidelift security contact](https://tidelift.com/security).
-Tidelift will coordinate the fix and disclosure.
+See [SECURITY.md](SECURITY.md)
 
 ## CREDITS
 
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..45d0b8e
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,4 @@
+## Security contact information
+
+To report a security vulnerability, please use the
+[GitHub private vulnerability reporting feature](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability).
-- 
cgit v1.2.1