From 14d1eac7377dd537972ead12d0c3b5e5feaa2e81 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=B6ksel=20K=C3=BC=C3=A7=C3=BCk=C5=9Fahin?= Date: Sun, 5 Jan 2025 13:19:23 +0300 Subject: [PATCH] Update SECURITY.md --- SECURITY.md | 41 ++++++++++++++++++++++------------------- 1 file changed, 22 insertions(+), 19 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index d20ab11..8c67aa7 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -4,27 +4,30 @@ The following versions of `es-query-builder` are currently supported with security updates: -| Version | Supported | -| ------- | ------------------ | -| ≥ 0.3.6 | ✅ Supported | -| < 0.3.6 | ❌ Not Supported | +| Version | Supported | +| -------- | ------------------ | +| ≥ 0.3.6 | ✅ Supported | +| < 0.3.6 | ❌ Not Supported | ## Reporting a Vulnerability -We encourage the community to report security vulnerabilities responsibly to help us maintain the integrity of `es-query-builder`. - -### How to Report -- Please create a **GitHub Issue** in the [repository Issues section](https://github.com/Trendyol/es-query-builder/issues). -- Include the following details in your report: - - A description of the vulnerability. - - Steps to reproduce the issue. - - (Optional) Your suggestions for mitigation or fixes. - -### What to Expect -1. **Acknowledgment**: We will respond to your issue within **48 hours**. -2. **Resolution Process**: - - Accepted vulnerabilities will be assigned a severity level and prioritized. - - A fix is typically delivered within **30 days**, depending on severity. -3. **Confidentiality**: Please avoid sharing the vulnerability details publicly until a fix has been released. +We encourage the community to report security vulnerabilities responsibly to help us maintain the integrity of `es-query-builder`. + +### Public Reporting +- For most issues, please create a **GitHub Issue** in the [repository Issues section](https://github.com/Trendyol/es-query-builder/issues). +- Include the following details in your report: + - A description of the vulnerability. + - Steps to reproduce the issue. + - (Optional) Your suggestions for mitigation or fixes. 
+ +### Private Reporting +If the vulnerability is sensitive and public disclosure could pose a risk, please report it privately by using GitHub's [private security advisory feature](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability). + +### What to Expect +1. **Acknowledgment**: We will respond to your report within **48 hours**. +2. **Resolution Process**: + - Accepted vulnerabilities will be assigned a severity level and prioritized. + - A fix is typically delivered within **30 days**, depending on severity. +3. **Confidentiality**: Please avoid sharing the vulnerability details publicly until a fix has been released. We appreciate your contributions to keeping `es-query-builder` secure!
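Review bot: The new "Public Reporting" section still directs reporters to open a GitHub Issue containing "Steps to reproduce the issue", which contradicts item 3 under "What to Expect" ("Please avoid sharing the vulnerability details publicly until a fix has been released"); an issue in the public tracker discloses those details as soon as it is filed. The "For most issues" / "If the vulnerability is sensitive" split also leaves the reporter to judge sensitivity before any maintainer has triaged the finding. Consider making the private advisory route the default for anything that may be a vulnerability, keeping public issues for non-security bugs and hardening suggestions, and confirming that private vulnerability reporting is enabled on the repository so the linked GitHub procedure actually works for reporters. The version table change appears to alter only column padding and could be dropped, and the subject "Update SECURITY.md" does not mention that a private reporting channel is being added.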