Moved support explanations to security.md.

rfelber · rfelber · commit c784226cdcfb · 2021-03-31T22:58:45.000+02:00
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -4,32 +4,11 @@
   - [GitHub Flow](#github-flow)
     - [How to work with GitHub Flow](#how-to-work-with-github-flow)
   - [Working with Forks and Pull Requests](#working-with-forks-and-pull-requests)
-  - [Working with Issues / How to Contribute in Issues](#working-with-issues--how-to-contribute-in-issues)
+  - [Bugfixing And Securityfixing Released Features](#bugfixing-and-securityfixing-released-features)
+  - [Working with Issues/How to Contribute in Issues](#working-with-issueshow-to-contribute-in-issues)
   - [How to Write Commit Messages](#how-to-write-commit-messages)
   - [Code of Conduct](#code-of-conduct)
 
-## Release Strategy
-
-Our Release Cycle for new Features (Minior semver update)
-is roughly every two weeks (We will usually make a new Release after each Review).
-
-### Major Release (Semver)
-
-For Upcomming major updates we decided that there will be a time window in which both Major versions (starting with v2.x.x)
-will receive security updates and bugfixes.
-We did not yet decide on the size window but it will probably be a couple of months
-and will be published when the next major version will be released.
-
-### Minor Release/Feature Releases (Semver)
-
-We currently plan to provide support for the latest Minor semver release only.
-
-### Patch Release/Bugfix/Security Fix
-
-We try to make bugfixes and high severity fixes available as patch release for the current minor release
-as early as possible.
-
-
 ## GitHub Flow
 
 For more information see [GitHub Flow](https://githubflow.github.io/)
diff --git a/SECURITY.md b/SECURITY.md
@@ -1,7 +1,8 @@
 # Security Policy
 
 ## Supported Versions
-Use this section to tell people about which versions of your project are currently being supported with security updates.
+Our _release cycle_ for new features (minior [semver](https://semver.org/lang/de/) update)
+is roughly every two weeks (we will usually make a new release after each review). 
 
 | Version | Security Fixes* | Supported** |
 | ------- | ------------------ | ------------------ |
@@ -10,8 +11,25 @@ Use this section to tell people about which versions of your project are current
 | <= 2.4.x | :x: | :x: |
 | < 2.0 | :x: | :x: |
 
-## Extended Support
-Use this section to tell people about the possibilities to get (payed) extended support for older versions with security updates of your project are currently being supported.
+### Major Release (Semver)
+_Upcoming major updates_ will come with a time window in which both _major versions_ (starting with v2.x.x)
+will receive security updates and bugfixes. The concrete support intervall will be probably a couple of months
+and will be published when the next major version will be released.
+
+### Minor Release/Feature Releases (Semver)
+We currently plan to provide support for the _latest minor [semver](https://semver.org/lang/de/)_ release only.
+
+### Patch Release/Bugfix/Security Fix
+We try to make bugfixes and high severity fixes available as patch release for the current minor release
+as early as possible.
+
+## Extended (Enterprise) Support
+If you are interessted in extended support for older versions with security updates of our project 
+please get in touch with the project team via Slack or eMail <secureCodeBox@iteratec.com>.
 
 ## Reporting a Vulnerability
-Use this section to tell people how to report a vulnerability.Tell them where to go, how often they can expect to get an update on areported vulnerability, what to expect if the vulnerability is accepted ordeclined, etc.
+You have found a vulnerability in the project that shouldndt be discloused as public issue before its fixed?
+Please get in touch with the project team via Slack or eMail <secureCodeBox@iteratec.com>. 
+
+You can expect a fast reaction within the next days. 
+We will keep you updated about the next steps and inform you if the vulnerability is accepted and when its fixed or if its ordeclined somehow.
