Handle Security Releases

### Problem

It is awkward to make silent security releases.  We can't currently use releaser and we either need to remember to add the changelog entry after the fact, or manually set the version when making the next release.



### Proposed Solution

Add a workflow on `releaser` that creates a silent release with a placeholder entry in the changelog.  This placeholder would be honored by the `next` release target.  Additionally, once the security advisory is published, we could add a workflow that updates the changelog with a link to the published advisory, and creates the public GitHub release.



### Additional context

Example of a manual GitHub [release](https://github.com/jupyter/notebook/releases/tag/6.4.12) and changelog [PR](https://github.com/jupyter/notebook/pull/6452).

<!-- Add any other context or screenshots about the feature request here. You can also include links to examples of other programs that have something similar to your request. For example:

* Another project [...] solved this by [...]

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Handle Security Releases #333

Problem

Proposed Solution

Additional context

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Handle Security Releases #333

Description

Problem

Proposed Solution

Additional context

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions