Merge branch 'theskumar:main' into main

HelloBroBro · web-flow · commit 725b0b57a409 · 2024-04-08T07:02:22.000+02:00
diff --git a/.github/SECURITY.md b/.github/SECURITY.md
@@ -0,0 +1,19 @@
+# Security Policy
+
+## Supported Versions
+
+| Version   | Supported          |
+| --------- | ------------------ |
+| latest    | :white_check_mark: |
+| 0.x       | :x:                |
+
+## Reporting a Vulnerability
+
+If you believe you have identified a security issue with Python-dotenv, please email
+python-dotenv@saurabh-kumar.com. A maintainer will contact you acknowledging the report
+and how to continue.
+
+Be sure to include as much detail as necessary in your report. As with reporting normal
+issues, a minimal reproducible example will help the maintainers address the issue faster.
+If you are able, you may also include a fix for the issue generated with `git
+format-patch`.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,13 @@
+# Keep GitHub Actions up to date with GitHub's Dependabot...
+# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot
+# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: /
+    groups:
+      github-actions:
+        patterns:
+          - "*"  # Group all Actions updates into a single larger pull request
+    schedule:
+      interval: weekly
