khulnasoft · FortiShield · Mar 8, 2025 · Mar 8, 2025 · Mar 8, 2025 · Mar 8, 2025
diff --git a/.editorconfig b/.editorconfig
@@ -7,7 +7,7 @@ indent_size = 2
 end_of_line = lf
 charset = utf-8
 trim_trailing_whitespace = true
-insert_final_newline = true
+insert_final_newline = false
 
 [targets/**/fixtures/*]
 insert_final_newline = false

diff --git a/.github/workflows/hopp-publish.yml b/.github/workflows/hopp-publish.yml
@@ -0,0 +1,28 @@
+name: Publish Package to NPM
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  publish:
+    name: Publish
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Setup node
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'npm'
+          registry-url: 'https://registry.npmjs.org'
+
+      - run: npm install
+      - run: npm run build
+
+      - name: Publish package
+        run: npm publish --access public
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
diff --git a/.github/workflows/sast.yml b/.github/workflows/sast.yml
@@ -23,3 +23,11 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - uses: Kong/public-shared-actions/security-actions/semgrep@bd3d75259607dd015bea3b3313123f53b80e9d7f
+        with:
+          output: semgrep-results.json
+
+      - name: Upload Semgrep Report
+        uses: actions/upload-artifact@v3
+        with:
+          name: semgrep-results
+          path: semgrep-results.json
diff --git a/CONTRIBUTING.md → CONTRIBUTING.MD b/CONTRIBUTING.md → CONTRIBUTING.MD
diff --git a/SECURITY.md b/SECURITY.md
@@ -4,15 +4,6 @@
 
 At HTTPSnippet, we take security issues very seriously. If you believe you have found a security vulnerability in our project, we encourage you to disclose it responsibly. Please report any potential security vulnerabilities to us by sending an email to [vulnerability@konghq.com](mailto:vulnerability@konghq.com).
 
-## How to Report
-
-1. **Do not publicly disclose the vulnerability**: Please do not create a GitHub issue or post the vulnerability on public forums. Instead, contact us directly at [vulnerability@konghq.com](mailto:vulnerability@konghq.com).
-1. **Provide detailed information**: When reporting a vulnerability, please include as much information as possible to help us understand and reproduce the issue. This may include:
-   - Description of the vulnerability
-   - Steps to reproduce the issue
-   - Potential impact
-   - Any relevant logs or screenshots
-
 ## What to Expect
 
 - **Acknowledgment**: We will acknowledge receipt of your vulnerability report within 48 hours.