From d10e4638bd1976f7908e787893df94ca292ff164 Mon Sep 17 00:00:00 2001 From: TechTide AI Date: Thu, 21 May 2026 18:56:17 -0400 Subject: [PATCH 1/2] docs: clean up SECURITY.md and add supported versions table - Remove stale HTML comment with old contact email - Add Supported Versions section (GitHub standard policy format) - Add cross-reference from docs/SECURITY.md runbook to the root disclosure policy so contributors land in the right place --- SECURITY.md | 10 ++++++++-- docs/SECURITY.md | 2 ++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 739ff70..1f602dd 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -8,10 +8,16 @@ If you discover a security vulnerability in KnotCode, please report it responsib Instead, DM [**@BunsDev**](https://x.com/BunsDev) or use [GitHub's private vulnerability reporting](https://github.com/OpenKnots/code-editor/security/advisories/new). - - We will acknowledge your report within 48 hours and aim to release a fix within 7 days for critical issues. +## Supported Versions + +| Version | Supported | +|---------|-----------| +| 1.11.x (latest) | :white_check_mark: Active security updates | +| 1.10.x | :white_check_mark: Critical fixes only | +| < 1.10 | :x: End of life — please upgrade | + ## Scope This policy covers: diff --git a/docs/SECURITY.md b/docs/SECURITY.md index 4576a8f..39ff837 100644 --- a/docs/SECURITY.md +++ b/docs/SECURITY.md @@ -1,5 +1,7 @@ # Security Runbook +> **Reporting a vulnerability?** See [`../SECURITY.md`](../SECURITY.md) for the disclosure policy and contact info. + This document defines how KnotCode handles secrets, responds to leaks, and manages git author privacy. ## Secret Handling Policy From 8273a2c237a98a6dd7bf4445c967e62c3a7d47db Mon Sep 17 00:00:00 2001 
From: TechTide AI Date: Tue, 23 Jun 2026 01:16:11 -0400 Subject: [PATCH 2/2] docs: soften SECURITY.md supported-versions to reflect actual policy --- SECURITY.md | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 1f602dd..5af8e4d 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -12,11 +12,9 @@ We will acknowledge your report within 48 hours and aim to release a fix within ## Supported Versions -| Version | Supported | -|---------|-----------| -| 1.11.x (latest) | :white_check_mark: Active security updates | -| 1.10.x | :white_check_mark: Critical fixes only | -| < 1.10 | :x: End of life — please upgrade | +KnotCode ships as a continuously-updated static app, so security fixes land in +the latest release. Please make sure you're on the most recent version before +reporting an issue, and upgrade to pick up any fix. ## Scope
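Review bot: In the SECURITY.md hunk of PATCH 1/2, the row `| 1.10.x | :white_check_mark: Critical fixes only |` commits to backports without defining "critical", and the context line above the new section uses "critical issues" for the 7-day fix target with no definition either. State next to the table which severity scale applies or who makes that call, and say how long 1.10.x stays in that tier, so the promise can be checked against what actually ships.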
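Review bot: In the docs/SECURITY.md hunk of PATCH 1/2, the added callout `> **Reporting a vulnerability?** See [`../SECURITY.md`](../SECURITY.md) ...` links in one direction only; nothing in this patch adds a pointer from the root policy back to the runbook. Since both files are named SECURITY.md, add a matching line in the root file that names `docs/SECURITY.md` as the secret-handling and leak-response runbook, so a reader who lands on either one can tell which document they are in and reach the other.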
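Review bot: In the SECURITY.md hunk of PATCH 2/2, the added sentence "Please make sure you're on the most recent version before reporting an issue" reads as a precondition for reporting and could hold back a report from someone who cannot upgrade or cannot tell which build they are running. Reword it to ask reporters to include the version or build they tested, and state plainly that earlier releases receive no backported fixes, which the new paragraph implies but never says now that the table is gone.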