CSSSR
diff --git a/‎.github/dependabot.yml‎
Lines changed: 10 additions & 0 deletions b/‎.github/dependabot.yml‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎.github/workflows/codeql-analysis.yml‎
Lines changed: 27 additions & 0 deletions b/‎.github/workflows/codeql-analysis.yml‎
Lines changed: 27 additions & 0 deletions
diff --git a/‎.github/workflows/deploy.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/deploy.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.npmrc‎
Lines changed: 0 additions & 1 deletion b/‎.npmrc‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎LICENSE‎
Lines changed: 1 addition & 1 deletion b/‎LICENSE‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎SECURITY.md‎
Lines changed: 1 addition & 1 deletion b/‎SECURITY.md‎
Lines changed: 1 addition & 1 deletion
@@ -0,0 +1,10 @@
+version: 2
+updates:
+- package-ecosystem: "npm"
+  directory: "/"
+  schedule:
+    interval: "weekly"
+    time: "08:00"
+    timezone: "Europe/Moscow"
+  open-pull-requests-limit: 10
+  target-branch: "dependabot-update"
@@ -0,0 +1,27 @@
+name: 'CodeQL'
+
+on:
+  push:
+    branches: [master]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [master]
+  schedule:
+    - cron: '40 3 * * 5'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v1
+        with:
+          languages: typescript
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v1
@@ -23,11 +23,11 @@ jobs:
 
       - name: Install dependencies
         working-directory: csssr_images
-        run: npm ci
+        run: yarn install --frozen-lockfile
 
       - name: Build
         working-directory: csssr_images
-        run: npm run build-example
+        run: yarn run build-example
         env:
           HOST: http://master.csssr-images.csssr.cloud
           IMGPROXY_HOST: https://images.csssr.com
 
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2020 Andrey Yankovsky
+Copyright (c) 2020 CSSSR Pte. Ltd. registered in Singapore under unique entity number 201909633C
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 
@@ -8,6 +8,6 @@
 
 ## Reporting a Vulnerability
 
-Please report (suspected) security vulnerabilities to security@csssr.com. Use https://github.com/qtm.gpg to encrypt your message.
+Please report (suspected) security vulnerabilities to security@csssr.com. Use https://github.com/qtm.gpg to encrypt your message if required.
 You will receive a response from us when we get to the issue. If the issue is confirmed, we will release a patch as soon as possible depending on complexity.
 Thank you!