Drop obsolete info on yanking from security policy

EliahKagan · EliahKagan · commit 085181be5c9c · 2023-10-13T02:29:01.000-04:00
Versions may still be yanked for security reasons under specific
circumstances, but this is not the usual or most common practice in
GitPython, at least currently. Recent security updates have not
been accompanied by yanking older versions, and allowing these
versions to be selected automatically even when not called for
specifically can be good, such as to prevent an older version with
even more vulnerabilities from being installed in situations where
for some reason the latest version is not yet being used.

In general, users shouldn't (and don't) assume all non-yanked
versions to be free of security fixes that later versions have
received. This change updates SECURITY.md to avoid giving that
impression, but of course some versions of GitPython may still be
yanked in the future if circumstances warrant it.
diff --git a/SECURITY.md b/SECURITY.md
@@ -2,8 +2,7 @@
 
 ## Supported Versions
 
-Only the latest version of GitPython can receive security updates. If a vulnerability is discovered, a fix can be issued in a new release, while older releases
-are likely to be yanked.
+Only the latest version of GitPython can receive security updates. If a vulnerability is discovered, a fix can be issued in a new release.
 
 | Version | Supported          |
 | ------- | ------------------ |
