From 66431efbed0f3eeddf096fc9447352fce18bb347 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 19 Feb 2026 15:30:28 +0000
Subject: [PATCH 1/3] Initial plan


From 65e0ee81f298312d7ce113853c398e4bf36979a2 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 19 Feb 2026 15:31:58 +0000
Subject: [PATCH 2/3] Add SECURITY.md with supported versions and vulnerability
 reporting instructions

Co-authored-by: jrbasso <26548+jrbasso@users.noreply.github.com>
---
 SECURITY.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..1dc0803
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,20 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 3.x     | :white_check_mark: |
+| < 3.0   | :x:                |
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability in this project, **please do not report it via public GitHub issues**.
+
+Instead, please email [engineering@zumba.com](mailto:engineering@zumba.com) with:
+
+- A description of the vulnerability
+- Steps to reproduce the issue
+- Potential impact of the vulnerability
+
+We will acknowledge receipt within 3 business days and will keep you informed of the progress toward a fix. Once the issue has been resolved, we will notify you before any public disclosure.

From c1d0025ae3ff866b909bdd5cee02d6797b50350a Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 19 Feb 2026 15:37:22 +0000
Subject: [PATCH 3/3] Update security contact email to security@zumba.com in
 SECURITY.md

Co-authored-by: jrbasso <26548+jrbasso@users.noreply.github.com>
---
 SECURITY.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/SECURITY.md b/SECURITY.md
index 1dc0803..bdc99f8 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -11,7 +11,7 @@
 
 If you discover a security vulnerability in this project, **please do not report it via public GitHub issues**.
 
-Instead, please email [engineering@zumba.com](mailto:engineering@zumba.com) with:
+Instead, please email [security@zumba.com](mailto:security@zumba.com) with:
 
 - A description of the vulnerability
 - Steps to reproduce the issue