Add security policy

SECURITY.md

@@ -0,0 +1,34 @@
+# Security Policy
+
+## Supported Versions
+
+We release patches for security vulnerabilities in the latest major version of the package:
+
+| Version | Supported          |
+| ------- | ------------------ |
+| Latest  | :white_check_mark: |
+| Older   | :x:                |
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability, please report it to us as follows:
+
+1. **Email us**: Send an email to [[email protected]](mailto:[email protected]) with the details of the vulnerability.
+2. **Provide details**: Include as much information as possible about the vulnerability, including steps to reproduce it, potential impact, and any suggested fixes.
+3. **Wait for a response**: We will acknowledge your email within 72 hours and provide a timeline for a fix.
+
+## Security Updates
+
+We will release security updates as needed. Users are encouraged to update to the latest version to ensure they have the latest security fixes.
+
+## Security Best Practices
+
+To help secure your Angular project, we recommend the following best practices:
+
+- **Keep dependencies up to date**: Regularly update your project dependencies to the latest versions.
+- **Use HTTPS**: Ensure your application is served over HTTPS to protect data in transit.
+- **Sanitize inputs**: Always sanitize user inputs to prevent injection attacks.
+- **Enable Content Security Policy (CSP)**: Use CSP to mitigate cross-site scripting (XSS) and other code injection attacks.
+- **Regularly review code**: Conduct regular code reviews to identify and fix potential security issues.
+
+Thank you for helping us keep our project secure!