For security-conscious and especially commercial entities, a SECURITY.md file which shows up in the GitHub Security tab is quite helpful.

You can set a SECURITY.md at the project level or the organization level. For example here's a couple projects which set it at the organization level:

* https://github.com/nodeca/.github
* https://github.com/pandas-dev/.github/blob/master/SECURITY.md

Those organizations currently use Tidelift, which might be helpful because it's a third party, which means it's easier to trust than an individual. But I don't know too much about that - I think any security policy would be helpful.

Comment From: Jameslebron6

We are students at the Australian National University and are completing the assignment for comp6120. We are very interested in this issue. Can you assign this issue to us?