web3 · spacesailor24 · Oct 8, 2021 · Sep 27, 2021 · Sep 27, 2021 · Sep 27, 2021
@@ -0,0 +1,13 @@
+# Security Policy
+## Supported Versions
+Legacy-compatibility releases `v1.x`:
+- :hourglass_flowing_sand: Web3.js currently undergoes a quick release cycle with regular minor and patch releases.
+- :globe_with_meridians: We encourage using the [most recently released version](https://github.com/ChainSafe/web3.js/releases/latest) from the `v1.x` release track before reporting an issue.
+
+Future rewrites and feature tracks `v2.x`, `v3.x`, and  `v4.x`:
+- :hourglass: Web3.js currently undergoes a complete refactoring and rewrite. At this time it is not recommended to use any of these release tracks, yet.
+- :stop_sign: We encourage **not** using these releases until official stable releases will be announced.
+
+## Reporting a Vulnerability
+- :rotating_light: Please, send vulnerability reports to `[email protected]`.
+- :warning: **Please do not file a public ticket** mentioning the vulnerability, as doing so could increase the likelihood of the vulnerability being exploited before a fix has been created, released and installed on the network.