From c927e100d26e7eab05460dc792c4363be4e9c884 Mon Sep 17 00:00:00 2001
From: Tedd Mason
Date: Sun, 17 May 2026 14:56:01 +0100
Subject: [PATCH] Security update for .npmrc and dependency review github action
---
 .github/workflows/ci.yml | 6 ++++++
 .npmrc | 3 +++
 2 files changed, 9 insertions(+)
 create mode 100644 .npmrc
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 2bb92db..fac3d21 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -43,3 +43,9 @@ jobs:
 -Dsonar.issue.ignore.multicriteria.e1.resourceKey=**/docker/scripts/register-api-gateway.sh
 -Dsonar.issue.ignore.multicriteria.e2.ruleKey=secrets:S2068
 -Dsonar.issue.ignore.multicriteria.e2.resourceKey=**/docker/.env
+ - name: Dependency Review
+ if: github.event_name == 'pull_request'
+ uses: actions/dependency-review-action@v4
+ with:
+ fail-on-severity: moderate
+ comment-summary-in-pr: always
diff --git a/.npmrc b/.npmrc
new file mode 100644
index 0000000..97de5ae
--- /dev/null
+++ b/.npmrc
@@ -0,0 +1,3 @@
+save-exact=true
+ignore-scripts=true
+min-release-age=7
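Review bot: The new step references the action by a mutable tag, `uses: actions/dependency-review-action@v4`; for a supply-chain control it is safer to pin the full commit, `uses: actions/dependency-review-action@<full-commit-sha> # v4`, so a retagged release cannot change what runs. `comment-summary-in-pr: always` also needs the job token to carry `pull-requests: write` (plus `contents: read`), and no `permissions:` block is visible in this hunk, so the summary comment may fail or the job may be running with broader defaults than it needs. The step appears to be appended to the job that runs the Sonar analysis; moving it into its own job with only those two permissions would keep the write scope away from the build steps and let the review run even when the analysis step fails. The job definition starts outside the hunk, so confirm against the full workflow.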
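Review bot: `min-release-age=7` only protects installs made with an npm release that recognises the key; older clients ignore or merely warn about unknown `.npmrc` entries, so the cooldown can be silently absent in CI or on a developer machine. Record the minimum npm version the project expects (for example through `engines` in package.json, which is not part of this patch) and add a comment above the line such as `; requires an npm version that supports min-release-age`. `ignore-scripts=true` also suppresses the project's own pre/post lifecycle scripts and the install steps of native dependencies, so a one-line comment naming how required builds are run explicitly (e.g. `npm rebuild <package>`) would save the next maintainer from a confusing failure. `save-exact=true` affects only newly saved top-level ranges; transitive versions still depend on the lockfile being committed and installed with `npm ci`.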