From 86ca8e31ab01f405aab3d1d140e85f0423e114c6 Mon Sep 17 00:00:00 2001
From: Tony Meyer <tony.meyer@canonical.com>
Date: Tue, 30 Jul 2024 18:15:11 +1200
Subject: [PATCH] docs: security policy change to only support each active
 major release (#1297)

We strongly encourage charms to use the latest release of ops, and put
in a lot of effort to make sure that there are no compatibility issues
that would prevent that. As such, rather than promising to do security
releases for a year of versions (with our monthly release cadence, this
would generally mean 10-12 security releases), only promise to do one
for each active major release (so that would be only for 2.x now, and
might be 2.x and 3.x at some point in the future).

This is all that we promise, but we could, of course, choose to do more
if there was some reason to do so on a case-by-case basis.

This seems to balance the amount of work required to do many small
releases and the work that we put into compatibility better than the
previous policy.
---
 SECURITY.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/SECURITY.md b/SECURITY.md
index e499e7e52..90d01971b 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -2,7 +2,7 @@
 
 ## Supported versions
 
-All ops 2.x versions released within the last year are currently supported with security updates.
+Security updates will be released for all major versions that have had releases in the last year.
 
 ## Reporting a vulnerability