From ca26d1fd8c020cf6ae043168588d8bcc16b7e9cc Mon Sep 17 00:00:00 2001 From: Jesse Talavera Date: Fri, 18 Oct 2024 17:49:55 -0400 Subject: [PATCH] Clarify some language in SECURITY.md --- .github/SECURITY.md | 4 +++- CHANGELOG.md | 1 + 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/SECURITY.md b/.github/SECURITY.md index 8a4b741..f5789cf 100644 --- a/.github/SECURITY.md +++ b/.github/SECURITY.md @@ -10,10 +10,12 @@ _security fixes will not be backported to older releases_. melonDS DS is only intended to execute code for the hardware it emulates; any bug that allows it to execute arbitrary code on the host is a vulnerability and should be reported. +Reports of other kinds of vulnerabilities +(e.g. build infrastructure) are also welcome. If you discover such a bug, please submit a private vulnerability report (**not** a public bug) -with a homebrew ROM that demonstrates the issue. +with a homebrew ROM that demonstrates the issue if applicable. I will share this information with the maintainers of upstream melonDS, as such a vulnerability would most likely affect them as well. diff --git a/CHANGELOG.md b/CHANGELOG.md index d8814e3..26fa011 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -20,6 +20,7 @@ Thanks to **@oddballparty** and a private sponsor for their generosity! starting with this release. - Added a contributor's guide at `CONTRIBUTING.md`. [#107](https://github.com/JesseTG/melonds-ds/issues/107) +- Added guidelines for reporting security vulnerabilities at `SECURITY.md`. - Added right-handed versions of the hybrid screen layouts. [#38](https://github.com/JesseTG/melonds-ds/issues/38) **Thanks for [#229](https://github.com/JesseTG/melonds-ds/pull/229), @roblar91!**
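Review bot: In the `.github/SECURITY.md` hunk, the new sentence "Reports of other kinds of vulnerabilities (e.g. build infrastructure) are also welcome." sits directly before "If you discover such a bug", so "such a bug" no longer clearly refers to host code execution and could be read as covering only one of the two kinds of report. Consider rewording that line to "If you discover such a vulnerability" so it covers both. The trailing "if applicable" in "with a homebrew ROM that demonstrates the issue if applicable" also leaves reporters of non-ROM issues without guidance; a short clause on what to include instead (for example, reproduction steps or the affected workflow or configuration) would help. The unchanged context line "such a vulnerability would most likely affect them as well" now also reads as applying to build-infrastructure reports, which may not concern upstream melonDS, so it may need a qualifier.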
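Review bot: In the `CHANGELOG.md` hunk, the added entry names the file as `SECURITY.md`, but the diff header shows it lives at `.github/SECURITY.md`; giving the full path would let readers find it. The entry also records the guidelines as "Added", while the commit subject only says "Clarify some language in SECURITY.md", so the commit message could mention the changelog entry to keep the history searchable.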