Revise security vulnerability reporting guidelines

pboling · web-flow · commit d02a0760fd8b · 2026-01-21T19:05:10.000-07:00
Updated security contact information and reporting process.
diff --git a/SECURITY.md b/SECURITY.md
@@ -7,8 +7,16 @@
 | 2.x     | ✅         |
 | 1.x     | ❌         |
 
-## Reporting a Vulnerability
+## Security contact information
 
-Peter Boling is the primary maintainer of this gem. Please find a way
-to [contact him directly](https://railsbling.com/contact) to report the issue. Include as much relevant information as
-possible.
+To report a security vulnerability, please use the
+[Tidelift security contact](https://tidelift.com/security).
+Tidelift will coordinate the fix and disclosure.
+
+## Additional Support
+
+If you are interested in support for versions older than the latest release,
+please consider sponsoring the project / maintainer @ https://liberapay.com/pboling/donate,
+or find other sponsorship links in the [README].
+
+[README]: README.md
