add Go 1.26 to CI flow + update security.md contents

add Go 1.26 to CI flow

Author: aldas

.github/workflows/checks.yml

@@ -14,7 +14,7 @@ permissions:
 
 env:
   # run static analysis only with the latest Go version
-  LATEST_GO_VERSION: "1.25"
+  LATEST_GO_VERSION: "1.26"
 
 jobs:
   check:

.github/workflows/echo.yml

@@ -14,7 +14,7 @@ permissions:
 
 env:
   # run coverage and benchmarks only with the latest Go version
-  LATEST_GO_VERSION: "1.25"
+  LATEST_GO_VERSION: "1.26"
 
 jobs:
   test:
@@ -25,7 +25,7 @@ jobs:
         # Echo tests with last four major releases (unless there are pressing vulnerabilities)
         # As we depend on `golang.org/x/` libraries which only support the last 2 Go releases, we could have situations when
         # we derive from the last four major releases promise.
-        go: ["1.25"]
+        go: ["1.25", "1.26"]
     name: ${{ matrix.os }} @ Go ${{ matrix.go }}
     runs-on: ${{ matrix.os }}
     steps:

SECURITY.md

@@ -2,15 +2,14 @@
 
 ## Supported Versions
 
-Use this section to tell people about which versions of your project are
-currently being supported with security updates.
-
-| Version | Supported          |
-| ------- | ------------------ |
-| 5.x.x   | :white_check_mark:               |
-| > 4.15.x   | :white_check_mark: |
-| < 4.0   | :x:                |
+| Version   | Supported                           |
+|-----------|-------------------------------------|
+| 5.x.x     | :white_check_mark:                  |
+| >= 4.15.x | :white_check_mark: until 2026.12.31 |
+| < 4.15    | :x:                                 |
 
 ## Reporting a Vulnerability
 
-At the moment look for maintainers email(s) in commits and email them.
+https://github.com/labstack/echo/security/advisories/new
+
+or look for maintainers email(s) in commits and email them.