From 9a2f4a4667b77bf3c628f35b2aec43fbd664e6d6 Mon Sep 17 00:00:00 2001 From: Juan Picado Date: Mon, 26 Apr 2021 07:56:07 +0200 Subject: [PATCH] Update SECURITY.md --- SECURITY.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 57b9aca41..45270524b 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -6,9 +6,12 @@ The following table describes the versions of this project that are currently su | Version | Supported | | ------- | ------------------ | -| 2.x | :x: | -| 3.x | :x: | -| 4.x | :white_check_mark: | +| 2.x | :x: | +| 3.x | :x: | +| 4.x | :white_check_mark: (until 1st July 2021) | +| 5.x | :white_check_mark: | +| 6.x alpha | :x: | + ## Responsible disclosure security policy 
@@ -26,11 +29,11 @@ At Verdaccio, we consider the security of our systems a top priority. But no mat If you discover a security vulnerability, please use one of the following means of communications to report it to us: -- Report the security issue to the Node.js Security WG through the [HackerOne program](https://hackerone.com/nodejs-ecosystem) for ecosystem modules on npm, or to [Snyk Security Team](https://snyk.io/vulnerability-disclosure). They will help triage the security issue and work with all involved parties to remediate and release a fix. +* Report the security issue to the Node.js Security WG through the [HackerOne program](https://hackerone.com/nodejs-ecosystem) for ecosystem modules on npm, or to [Snyk Security Team](https://snyk.io/vulnerability-disclosure). They will help triage the security issue and work with all involved parties to remediate and release a fix. Note that time-frame and processes are subject to each program’s own policy. -- Report the security issue to the project maintainers directly at verdaccio@pm.me. If the report contains highly sensitive information, please be advised to encrypt your findings using our [PGP key](https://verdaccio.nyc3.digitaloceanspaces.com/gpg/publickey.verdaccio@pm.me.asc) which is also available in this document. +* Report the security issue to the project maintainers directly at verdaccio@pm.me. If the report contains highly sensitive information, please be advised to encrypt your findings using our [PGP key](https://verdaccio.nyc3.digitaloceanspaces.com/gpg/publickey.verdaccio@pm.me.asc) which is also available in this document. Your efforts to responsibly disclose your findings are sincerely appreciated and will be taken into account to acknowledge your contributions.
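Review bot: In the first hunk (supported versions table), the 4.x row puts its end-of-support date inside the Supported cell as `| 4.x | :white_check_mark: (until 1st July 2021) |`, so the row keeps showing a check mark after that date unless someone remembers to edit it. A separate "Supported until" column, or a tracked follow-up to flip 4.x to `:x:` on that date, would keep the policy from going stale. The 2.x and 3.x rows are also removed and re-added with no visible change other than spacing, and the hunk adds a blank line before `## Responsible disclosure security policy`; dropping that churn would leave the diff showing only the real policy change (4.x end date, 5.x supported, 6.x alpha unsupported).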
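Review bot: In the second hunk (reporting channels list), both changed lines differ only in the list marker, `- Report the security issue ...` becoming `* Report the security issue ...`, which is unrelated to the version update and is not mentioned in the subject "Update SECURITY.md". Unless the rest of the file already uses `*`, keep `-` here or move the marker change to its own formatting commit, so that reviewers of a security policy file can see at a glance that the reporting addresses, the HackerOne and Snyk links and the PGP key URL were not altered.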