diff --git a/.github/funding.yml b/.github/funding.yml
deleted file mode 100644
index 0038dab..0000000
--- a/.github/funding.yml
+++ /dev/null
@@ -1 +0,0 @@
-github: sindresorhus
diff --git a/.github/security.md b/.github/security.md
new file mode 100644
index 0000000..5358dc5
--- /dev/null
+++ b/.github/security.md
@@ -0,0 +1,3 @@
+# Security Policy
+
+To report a security vulnerability, please use the [Tidelift security contact](https://tidelift.com/security). Tidelift will coordinate the fix and disclosure.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index c1870cf..d578407 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -14,8 +14,8 @@ jobs:
           - 12
           - 10
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v1
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node-version }}
       - run: npm install