In MDL-69877 a new security.txt file, following the information @ security.txt was introduced.

The security.txt file located in /security.txt must be updated regularly, shortly before it expires (defined by the Expires element within the file). This task should be completed two weeks prior to the next major release.

As a minimum, this will involve updating the Expires value, which needs to be set to [expected major release date] + 3 WEEKS. If any of other details in the security.txt need to be amended, they should also be completed at the same time.

The updates should be made to master, as well as all other security supported Moodle versions that contain security.txt. This means all supported versions have an identical security.txt file (including the same expiry).

Detailed information (to be modified for each clone of this issue):

• Branches affected: master, 40, 311, 310, 39
• Expiry (major release + 3 weeks): 09 May 2022 + 3 weeks = 30 May 2022
• Other changes: ... add any further changes required here

How to format the date correctly:

date --rfc-email --utc --date='30 May 2022 01:00 UTC'

(This issue is part of the release process, 2 weeks before release, and will be cloned as part of it.)