From 5ccabbcb50bd0158f0ef94b7b6c4e95ad6b50988 Mon Sep 17 00:00:00 2001
From: JeremyDev87 <soundbrokaz@kakao.com>
Date: Sat, 9 May 2026 10:20:54 +0900
Subject: [PATCH] =?UTF-8?q?docs:=20=EB=B3=B4=EC=95=88=20=EC=A7=80=EC=9B=90?=
 =?UTF-8?q?=20=EC=A0=95=EC=B1=85=20=EB=AA=85=ED=99=95=ED=99=94?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 SECURITY.md | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/SECURITY.md b/SECURITY.md
index d06c38c..d4d3939 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -2,8 +2,13 @@
 
 ## Supported Versions
 
-Legolas is in early development. Security fixes are applied to the latest
-version on the default branch.
+Until v1.0.0 is released, security fixes are applied to the latest npm release
+on npm's `latest` dist-tag and the default branch.
+
+After the v1.0.0 release, the supported line is the latest supported `1.x` npm
+release on npm's `latest` dist-tag and the default branch. Older pre-1.0
+releases are not backported unless a maintainer announces a specific exception
+in the release notes.
 
 ## Reporting a Vulnerability