diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..47aebc705 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,20 @@ +# Security Policy + +## Supported Versions + +| Version | Supported | Status | Comments | +| ----------- | ------------------ | --------------------- | ------------------------------------ | +| 1.8.x | :white_check_mark: | Long Term Support | See [Long Term Support policy][0] | +| 1.3.x-1.7.x | :x: | | | +| 1.2.x | :warning: | Security patches only | Last version to provide IE 8 support | +| <1.2.0 | :x: | | | + +## Reporting a Vulnerability + +Email us at [security@angularjs.org](mailto:security@angularjs.org) to report any potential security issues in AngularJS. + +Please [use the latest AngularJS possible](https://docs.angularjs.org/guide/security#use-the-latest-angularjs-possible) +and keep in mind the guidance around AngularJS' +[expression language](https://docs.angularjs.org/guide/security#angularjs-templates-and-expressions). + +[0]: https://docs.angularjs.org/misc/version-support-status#long-term-support