Merge branch 'master' of github.com:CSSSR/csssr.images

Author: ArtyomResh

.github/dependabot.yml

@@ -0,0 +1,10 @@
+version: 2
+updates:
+- package-ecosystem: "npm"
+  directory: "/"
+  schedule:
+    interval: "weekly"
+    time: "08:00"
+    timezone: "Europe/Moscow"
+  open-pull-requests-limit: 10
+  target-branch: "dependabot-update"

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,27 @@
+name: 'CodeQL'
+
+on:
+  push:
+    branches: [master]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [master]
+  schedule:
+    - cron: '40 3 * * 5'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v1
+        with:
+          languages: typescript
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v1

.npmrc

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2020 Andrey Yankovsky
+Copyright (c) 2021 CSSSR Pte. Ltd. registered in Singapore under unique entity number 201909633C
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

LICENSE

@@ -0,0 +1,13 @@
+# Security Policy
+
+## Supported Versions
+
+| Version   | Supported          |
+| --------- | ------------------ |
+| > 3.3.x   | :white_check_mark: |
+
+## Reporting a Vulnerability
+
+Please report (suspected) security vulnerabilities to security@csssr.com. Use https://github.com/qtm.gpg to encrypt your message if required.
+You will receive a response from us when we get to the issue. If the issue is confirmed, we will release a patch as soon as possible depending on complexity.
+Thank you!