From 5a5a625680dee28925882270252979233c220df2 Mon Sep 17 00:00:00 2001
From: Sara Jackson <csara@thoughtbot.com>
Date: Fri, 19 Jul 2024 09:36:27 -0400
Subject: [PATCH] Add dynamic security workflow and update SECURITY.md

At thoughtbot, we'd like to have a unified approach to security issues
within our projects. This dynamic workflow will update Clearance's
SECURITY.md with any changes made to SECURITY.md in the
thoughtbot/templates repo.
---
 .github/workflows/dynamic-security.yml | 19 +++++++++++++++++++
 SECURITY.md                            | 18 ++----------------
 2 files changed, 21 insertions(+), 16 deletions(-)
 create mode 100644 .github/workflows/dynamic-security.yml

diff --git a/.github/workflows/dynamic-security.yml b/.github/workflows/dynamic-security.yml
new file mode 100644
index 00000000..f73eb7fb
--- /dev/null
+++ b/.github/workflows/dynamic-security.yml
@@ -0,0 +1,19 @@
+name: update-security
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - SECURITY.md
+  workflow_dispatch:
+
+jobs:
+  update-security:
+    permissions:
+      contents: write
+      pull-requests: write
+      pages: write
+    uses: thoughtbot/templates/.github/workflows/dynamic-security.yaml@main
+    secrets:
+      token: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
diff --git a/SECURITY.md b/SECURITY.md
index 8847f77d..9b63758c 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -1,16 +1,2 @@
-# Security Policy
-
-## Supported Versions
-
-We will provide security updates for the latest 3 versions.
-
-| Version | Security updates |
-| - | - |
-| 2.7.x   | ✅ |
-| 2.6.x   | ✅ |
-| 2.5.x   | ✅ |
-| < 2.5.0 | :x: |
-
-## Reporting a Vulnerability
-
-You can contact <security@thoughtbot.com>. See <https://thoughtbot.com/security> for more information about our security policy.
+<!-- START /templates/security.md -->
+<!-- END /templates/security.md -->