From 9dbdaaa913e5b91353cc19242ef38b07b18f2111 Mon Sep 17 00:00:00 2001
From: clinssen <c.linssen@fz-juelich.de>
Date: Tue, 3 Mar 2026 14:47:55 +0100
Subject: [PATCH 1/2] create SECURITY.md

---
 SECURITY.md | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..bb402d2f
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,34 @@
+
+# Security Policy
+
+ODE-toolbox is research-oriented software and as such is expected to
+run mainly in well-protected environments. In case it is found that this
+software can be used to violate security mechanisms, developers will try to
+provide patches that mitigate the risk of this misuse.
+
+The current policy is explained in SECURITY.md in the ODE-toolbox
+master branch. The policy can also be found at
+<https://github.com/nest/ode-toolbox/security/policy>.
+
+## Supported Versions
+
+Generally only the latest release will receive security related
+updates. Currently the following versions are being supported with security
+updates:
+
+| Version  | Supported          |
+| -------- | ------------------ |
+| master   | yes :heavy_check_mark: |
+
+## Reporting a Vulnerability
+
+For reporting a vulnerability please create a security advisory on the
+nest/ode-toolbox [Security
+Advisories](https://github.com/nest/ode-toolbox/security/advisories)
+page.  You need a GitHub account to create an advisory.
+
+Developers will then contact the reporter in a timely manner to assess
+severity and further handling via [Security
+Advisories](https://github.com/nest/ode-toolbox/security/advisories)
+or as normal [Issue](https://github.com/nest/ode-toolbox/issues) in
+non-critical cases.

From 212d8e2ef0c5fc79c4f4467d77c285e1ec5fd36e Mon Sep 17 00:00:00 2001
From: "C.A.P. Linssen" <charl@turingbirds.com>
Date: Fri, 13 Mar 2026 14:13:41 +0100
Subject: [PATCH 2/2] rename master branch to main

---
 SECURITY.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/SECURITY.md b/SECURITY.md
index bb402d2f..84e1b6b6 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -7,7 +7,7 @@ software can be used to violate security mechanisms, developers will try to
 provide patches that mitigate the risk of this misuse.
 
 The current policy is explained in SECURITY.md in the ODE-toolbox
-master branch. The policy can also be found at
+main branch. The policy can also be found at
 <https://github.com/nest/ode-toolbox/security/policy>.
 
 ## Supported Versions
@@ -16,9 +16,9 @@ Generally only the latest release will receive security related
 updates. Currently the following versions are being supported with security
 updates:
 
-| Version  | Supported          |
-| -------- | ------------------ |
-| master   | yes :heavy_check_mark: |
+| Version  | Supported              |
+| -------- | ---------------------- |
+| main     | yes :heavy_check_mark: |
 
 ## Reporting a Vulnerability