From e49b33f584582ac3858bd0190218f3fadcd4442f Mon Sep 17 00:00:00 2001
From: Chad Nehemiah <chad.nehemiah94@gmail.com>
Date: Thu, 6 Jun 2024 11:20:29 -0500
Subject: [PATCH] docs: create a security policy (#2410)

* docs: create a security policy

* docs: appropriately link security policy

* docs: update security policy

Co-authored-by: Anderson Arboleya <anderson@arboleya.me>

* docs: remove unnecessary line

Co-authored-by: Peter Smith <peter@blueoceancomputing.co.uk>

* docs: remove unnecessary line break

Co-authored-by: Anderson Arboleya <anderson@arboleya.me>

* docs: grammatical fix

Co-authored-by: Anderson Arboleya <anderson@arboleya.me>

* docs: remove line break

Co-authored-by: Anderson Arboleya <anderson@arboleya.me>

* docs: update guidelines

Co-authored-by: Anderson Arboleya <anderson@arboleya.me>

* docs: update sentence structure

Co-authored-by: Anderson Arboleya <anderson@arboleya.me>

* docs: remove unrelated section

* docs: update SECURITY.md

Co-authored-by: Anderson Arboleya <anderson@arboleya.me>

---------

Co-authored-by: Anderson Arboleya <anderson@arboleya.me>
Co-authored-by: Peter Smith <peter@blueoceancomputing.co.uk>
---
 CONTRIBUTING.md |  2 ++
 SECURITY.md     | 15 +++++++++++++++
 2 files changed, 17 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index ba53313653e..b76ebdbf0fb 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -16,6 +16,8 @@ Check out our [Help Wanted](https://github.com/FuelLabs/fuels-ts/issues?q=is%3Ao
 
 If you are planning something big, for example, changes related to multiple components or changes to current behaviors, make sure to [open an issue](https://github.com/FuelLabs/fuels-ts/issues/new) to discuss with us before starting on the implementation.
 
+If you find a vulnerability or suspect it may be a security issue, please read our [Security Policy](./SECURITY.md) and follow the instructions.
+
 # Setting up
 
 ```sh
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000000..badccdbb6bb
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,15 @@
+# Security Policy
+
+The Fuel Typescript SDK is still in development, and we take security very seriously.
+
+## Security Issues
+
+If you find a vulnerability or exploit, please report it immediately and privately:
+ - https://github.com/FuelLabs/fuels-ts/security/advisories/new
+
+      > Please **DO NOT** file a public issue.
+
+## Non-Security Issues
+
+If the issue is not security-related, please report it publicly:
+ - https://github.com/FuelLabs/fuels-ts/issues/new