
Create SECURITY.md for security policy and reporting #11828

Open
franciscoarturorivera371-cyber wants to merge 1 commit into testcontainers:main from franciscoarturorivera371-cyber:patch-1


@franciscoarturorivera371-cyber

Added a security policy document outlining supported versions and vulnerability reporting.

@franciscoarturorivera371-cyber requested a review from a team as a code owner June 3, 2026 22:25
Author


Submit the change.


@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment


💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: b0997b0946

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread SECURITY.md
Comment on lines +10 to +13
| 5.1.x | :white_check_mark: |
| 5.0.x | :x: |
| 4.0.x | :white_check_mark: |
| < 4.0 | :x: |

P2: Replace placeholder supported versions

This table appears to be the GitHub template data rather than Testcontainers' release policy: the repo's current testcontainers.version is 2.0.5 in gradle.properties, while there are no 4.x/5.x Testcontainers Java releases in this tree. Because GitHub surfaces SECURITY.md to users looking for supported releases, this would incorrectly tell users on the current 2.x line that it is unsupported and point them at nonexistent supported 5.1.x/4.0.x lines.


Comment thread SECURITY.md
@franciscoarturorivera371-cyber
Author

From b0997b0 Mon Sep 17 00:00:00 2001
From: Francisco Arturo Rivera franciscoarturorivera371@gmail.com
Date: Wed, 3 Jun 2026 15:25:03 -0700
Subject: [PATCH] Create SECURITY.md for security policy and reporting

Added a security policy document outlining supported versions and vulnerability reporting.

SECURITY.md | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000000..034e8480320
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,21 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported |
+| ------- | ------------------ |
+| 5.1.x | ✅ |
+| 5.0.x | ❌ |
+| 4.0.x | ✅ |
+| < 4.0 | ❌ |
+
+## Reporting a Vulnerability
+
+Use this section to tell people how to report a vulnerability.
+
+Tell them where to go, how often they can expect to get an update on a
+reported vulnerability, what to expect if the vulnerability is accepted or
+declined, etc.
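
Review bot: The "Reporting a Vulnerability" section at the end of this hunk is still the template's instruction text to the maintainer ("Use this section to tell people how to report a vulnerability.") and names no reporting channel, update cadence or outcome for accepted and declined reports. Replace it with the project's actual private reporting contact and what a reporter can expect after submitting; as written, a reader who finds an issue has nothing in this file to act on.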

@franciscoarturorivera371-cyber
Author

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000000..034e8480320
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,21 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported |
+| ------- | ------------------ |
+| 5.1.x | ✅ |
+| 5.0.x | ❌ |
+| 4.0.x | ✅ |
+| < 4.0 | ❌ |
+
+## Reporting a Vulnerability
+
+Use this section to tell people how to report a vulnerability.
+
+Tell them where to go, how often they can expect to get an update on a
+reported vulnerability, what to expect if the vulnerability is accepted or
+declined, etc.
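
Review bot: The two lines under "## Supported Versions" ("Use this section to tell people about which versions of your project are currently being supported with security updates.") are template guidance addressed to the maintainer, not to users of the project. Replace them with a sentence stating which release lines receive security fixes, and make the version table match the project's real releases, as the review comment on lines +10 to +13 already asks.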
