From 0ca45ecb2dea4c15f4ab48ca12fa337f3523a638 Mon Sep 17 00:00:00 2001
From: Tedd Mason
Date: Sun, 17 May 2026 14:48:37 +0100
Subject: [PATCH] Updated fws-app with security recommendations, npmrc & dependency review action
---
 .github/workflows/ci.yml | 7 ++++++-
 .npmrc | 3 +++
 2 files changed, 9 insertions(+), 1 deletion(-)
 create mode 100644 .npmrc
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index fa0fd89..afddb25 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -48,4 +48,9 @@ jobs:
 -Dsonar.issue.ignore.multicriteria=e1
 -Dsonar.issue.ignore.multicriteria.e1.ruleKey=shell:S5332
 -Dsonar.issue.ignore.multicriteria.e1.resourceKey=**/docker/scripts/update-localstack-url.sh
-
+ - name: Dependency Review
+ if: github.event_name == 'pull_request'
+ uses: actions/dependency-review-action@v4
+ with:
+ fail-on-severity: moderate
+ comment-summary-in-pr: always
diff --git a/.npmrc b/.npmrc
new file mode 100644
index 0000000..97de5ae
--- /dev/null
+++ b/.npmrc
@@ -0,0 +1,3 @@
+save-exact=true
+ignore-scripts=true
+min-release-age=7
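Review bot: The added step references `actions/dependency-review-action@v4` by a mutable tag, so the code that runs in this job can change without any change in this repository. For a step added as a supply-chain control I would pin it to the release's full commit SHA and keep the version as a comment, `uses: actions/dependency-review-action@<full-commit-sha-of-the-v4-release> # v4` (placeholder, to be filled in from the action's release page). `comment-summary-in-pr: always` needs the job token to have `pull-requests: write`, and the job's `permissions` block is outside this hunk, so it should be confirmed that it grants that plus `contents: read` and nothing broader. The step is appended after the Sonar scan in the same job, so it presumably does not run when an earlier step fails; the job header is not visible here.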
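Review bot: `min-release-age=7` only takes effect on npm versions that implement the option, and older clients ignore keys they do not recognise, so the cooldown may silently not apply on a developer machine or CI runner with an older npm. The commit shows no `engines` constraint or npm version pin, so that needs confirming outside this hunk. `ignore-scripts=true` also skips the project's own `prepare`/`postinstall` hooks and the install step of any dependency that builds on install, which then needs an explicit `npm rebuild <package>`. I would document both in the file, e.g. `; requires an npm version that supports min-release-age (value is in days)` and `; install scripts are off: run npm rebuild <package> for dependencies that need a build step`. The seven-day delay applies to security fix releases as well, which may conflict with the `fail-on-severity: moderate` gate added in ci.yml when the only fixed version is newer than that.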