From 1c6cfb4dc9796a782182f8dfea7bda2c6fe1e9f6 Mon Sep 17 00:00:00 2001
From: "whitesource-bolt-for-github[bot]"
 <42819689+whitesource-bolt-for-github[bot]@users.noreply.github.com>
Date: Tue, 3 Aug 2021 13:03:02 +0000
Subject: [PATCH 1/4] Add .whitesource configuration file

---
 .whitesource | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 .whitesource

diff --git a/.whitesource b/.whitesource
new file mode 100644
index 000000000..55b922e8c
--- /dev/null
+++ b/.whitesource
@@ -0,0 +1,12 @@
+{
+  "scanSettings": {
+    "baseBranches": []
+  },
+  "checkRunSettings": {
+    "vulnerableCheckRunConclusionLevel": "failure",
+    "displayMode": "diff"
+  },
+  "issueSettings": {
+    "minSeverityLevel": "LOW"
+  }
+}
\ No newline at end of file

From 6bdacb2a828a7dbdc5261a6ef926805d592b73d1 Mon Sep 17 00:00:00 2001
From: devkadirselcuk <85363671+devkadirselcuk@users.noreply.github.com>
Date: Tue, 3 Aug 2021 16:04:31 +0300
Subject: [PATCH 2/4] Create njsscan-analysis.yml

---
 .github/workflows/njsscan-analysis.yml | 30 ++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 .github/workflows/njsscan-analysis.yml

diff --git a/.github/workflows/njsscan-analysis.yml b/.github/workflows/njsscan-analysis.yml
new file mode 100644
index 000000000..994d760e9
--- /dev/null
+++ b/.github/workflows/njsscan-analysis.yml
@@ -0,0 +1,30 @@
+# This workflow integrates njsscan with GitHub's Code Scanning feature
+# nodejsscan is a static security code scanner that finds insecure code patterns in your Node.js applications
+
+name: njsscan sarif
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '38 6 * * 0'
+
+jobs:
+  njsscan:
+    runs-on: ubuntu-latest
+    name: njsscan code scanning
+    steps:
+    - name: Checkout the code
+      uses: actions/checkout@v2
+    - name: nodejsscan scan
+      id: njsscan
+      uses: ajinabraham/njsscan-action@master
+      with:
+        args: '. --sarif --output results.sarif || true'
+    - name: Upload njsscan report
+      uses: github/codeql-action/upload-sarif@v1
+      with:
+        sarif_file: results.sarif

From f1e08a59a29dcbcb93fc7a039b894a964198a040 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 13 Aug 2021 02:08:33 +0000
Subject: [PATCH 3/4] build(deps): bump path-parse from 1.0.6 to 1.0.7

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 4c2bc2ecf..6e0961c45 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -4683,9 +4683,9 @@
             "dev": true
         },
         "path-parse": {
-            "version": "1.0.6",
-            "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz",
-            "integrity": "sha512-GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw==",
+            "version": "1.0.7",
+            "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz",
+            "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==",
             "dev": true
         },
         "path-type": {

From 5ef487fe895d7a23e1b821908067c8f259a4204d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 14 Feb 2022 12:26:17 +0000
Subject: [PATCH 4/4] build(deps): bump follow-redirects from 1.14.4 to 1.14.8

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.4 to 1.14.8.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.4...v1.14.8)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 9d34e558b..9be589b7e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -2085,9 +2085,9 @@
             "dev": true
         },
         "follow-redirects": {
-            "version": "1.14.4",
-            "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.4.tgz",
-            "integrity": "sha512-zwGkiSXC1MUJG/qmeIFH2HBJx9u0V46QGUe3YR1fXG8bXQxq7fLj0RjLZQ5nubr9qNJUZrH+xUcwXEoXNpfS+g=="
+            "version": "1.14.8",
+            "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.14.8.tgz",
+            "integrity": "sha512-1x0S9UVJHsQprFcEC/qnNzBLcIxsjAV905f/UkQxbclCsoTWlacCNOpQa/anodLl2uaEKFhfWOvM2Qg77+15zA=="
         },
         "form-data": {
             "version": "3.0.1",