Update templates (#3072)

Author: MichelZ

.github/ISSUE_TEMPLATE/bug-report.md

@@ -1,9 +1,9 @@
 ---
 name: Bug report
 about: Create a report to help us improve
-title: ''
-labels: 'Triage Needed'
-assignees: ''
+title: ""
+labels: [":new: Triage Needed", ":bug: Bug!"]
+assignees: []
 
 ---
 
@@ -31,9 +31,9 @@ A clear and concise description of what you expected to happen.
 
 ### Further technical details
 Microsoft.Data.SqlClient version: (found on the nuget or Microsoft.Data.SqlClient.dll)
-.NET target: (e.g. Framework 4.7.1, Core 2.2.2)
-SQL Server version: (e.g. SQL Server 2017)
-Operating system: (e.g. Windows 2019, Ubuntu 18.04, macOS 10.13, Docker container)
+.NET target: (e.g. .NET Framework 4.7.2, .NET 6.0)
+SQL Server version: (e.g. SQL Server 2022)
+Operating system: (e.g. Windows Server 2022, Ubuntu 24.04, macOS 14.7.1, Docker container)
 
 **Additional context**
-Add any other context about the problem here.
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+  - name: SqlClient Community Support / Discussions
+    url: https://github.com/dotnet/SqlClient/discussions
+    about: Please ask and answer questions here.
+  - name: MSRC Vulnerability Reporting / Bug Bounty
+    url: https://msrc.microsoft.com/create-report
+    about: Please report security vulnerabilities here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -1,9 +1,9 @@
 ---
 name: Feature request
 about: Suggest an idea for this project
-title: ''
-labels: 'Triage Needed'
-assignees: ''
+title: ""
+labels: [":new: Triage Needed", ":bulb: Enhancement"]
+assignees: []
 
 ---
 
@@ -17,4 +17,4 @@ A clear and concise description of what you want to happen.
 A clear and concise description of any alternative solutions or features you've considered.
 
 ### Additional context
-Add any other context about the feature request here.
+Add any other context about the feature request here.

.github/ISSUE_TEMPLATE/other.md

@@ -1,10 +1,8 @@
 ---
 name: Other
 about: Ask a question or file a different type of issue
-title: ''
-labels: 'Triage Needed'
-assignees: ''
-
----
-
+title: ""
+labels: [":new: Triage Needed"]
+assignees: []
 
+---

SECURITY.md

@@ -0,0 +1,38 @@
+# Security Policy
+
+## Supported Versions
+
+Microsoft.Data.SqlClient library follows the latest .NET Core support policy for all releases.
+
+[View the .NET Core Support Policy](https://dotnet.microsoft.com/platform/support/policy/dotnet-core)
+
+View GA released version LTS/Current status and support dates here: [SqlClient Support Policy on Microsoft Documentation](https://docs.microsoft.com/sql/connect/ado-net/sqlclient-driver-support-lifecycle)
+
+# Security
+Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include Microsoft, Azure, DotNet, AspNet, Xamarin, and our GitHub organizations.
+
+If you believe you have found a security vulnerability in any Microsoft-owned repository that meets Microsoft's Microsoft's definition of a security vulnerability, please report it to us as described below.
+
+## Reporting a Vulnerability
+
+Please do not report security vulnerabilities through public GitHub issues.
+
+Instead, please report them to the Microsoft Security Response Center (MSRC) at https://msrc.microsoft.com/create-report.
+
+If you prefer to submit without logging in, send email to [email protected]. If possible, encrypt your message with our PGP key; please download it from the Microsoft Security Response Center PGP Key page.
+
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at microsoft.com/msrc.
+
+Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
+
+    Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+    Full paths of source file(s) related to the manifestation of the issue
+    The location of the affected source code (tag/branch/commit or direct URL)
+    Any special configuration required to reproduce the issue
+    Step-by-step instructions to reproduce the issue
+    Proof-of-concept or exploit code (if possible)
+    Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our Microsoft Bug Bounty Program page for more details about our active programs.