bigskysoftware
diff --git a/‎README.md‎
Lines changed: 1 addition & 3 deletions b/‎README.md‎
Lines changed: 1 addition & 3 deletions
diff --git a/‎SECURITY.md‎
Lines changed: 15 additions & 0 deletions b/‎SECURITY.md‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎editors/jetbrains/htmx.svg‎
Lines changed: 46 additions & 0 deletions b/‎editors/jetbrains/htmx.svg‎
Lines changed: 46 additions & 0 deletions
@@ -10,7 +10,7 @@
 ## introduction
 
 htmx allows you to access  [AJAX](https://htmx.org/docs#ajax), [CSS Transitions](https://htmx.org/docs#css_transitions),
-[WebSockets](https://htmx.org/docs#websockets) and [Server Sent Events](https://htmx.org/docs#sse)
+[WebSockets](https://htmx.org/extensions/ws/) and [Server Sent Events](https://htmx.org/extensions/sse/)
 directly in HTML, using [attributes](https://htmx.org/reference#attributes), so you can build
 [modern user interfaces](https://htmx.org/examples) with the [simplicity](https://en.wikipedia.org/wiki/HATEOAS) and
 [power](https://www.ics.uci.edu/~fielding/pubs/dissertation/rest_arch_style.htm) of hypertext
@@ -99,8 +99,6 @@ At this point you can modify `/src/htmx.js` to add features, and then add tests
 htmx uses the [mocha](https://mochajs.org/) testing framework, the [chai](https://www.chaijs.com/) assertion framework
 and [sinon](https://sinonjs.org/releases/v9/fake-xhr-and-server/) to mock out AJAX requests.  They are all OK.
 
-You can also run live tests and demo of the WebSockets and Server-Side Events extensions with `npm run ws-tests`
-
 ## haiku
 
 *javascript fatigue:<br/>
 
@@ -0,0 +1,15 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 2.x     | :white_check_mark: |
+| 1.9.x   | :white_check_mark: |
+| < 1.9   | :x:                |
+
+## Reporting a Vulnerability
+
+If you think you've found a vulnerability, please use the _Report a vulnerability_ button found in the [security tab](https://github.com/bigskysoftware/htmx/security) of the project on Github.
+
+This process is documented in GitHub's _Secure Coding_ guide: [Privately reporting a security vulnerability](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability).