From c277f8f69432b9ceae9676b64d74e869d82a2c2b Mon Sep 17 00:00:00 2001
From: Microsoft Provenance Contributions <enhanceprovenance@microsoft.com>
Date: Fri, 25 Jun 2021 11:25:49 +0800
Subject: [PATCH] Update package.json to include repository key
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

With the rise in supply chain attacks and OSS dependencies being used as a attack vector, Microsoft is working with our ecosystem partners, such as the Linux Foundation's OpenSSF, to enable OSS consumers to track packages back to their public sources.
We've identified that the following packages published to NPM do not report where sources can be found, typically accomplished by including a link to your GitHub repository in your `package.json` REPOSITORY field. This PR was created to add this value, ensuring future releases will include this provenance information.
Published NPM packages with repository information:
*selenium-webdriver
---
 package.json | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/package.json b/package.json
index 290c7475c4947..70f4cc8250b3e 100644
--- a/package.json
+++ b/package.json
@@ -29,6 +29,10 @@
     "ts-jest": "^26.5.4",
     "typescript": "^3.9.7",
     "xml2js": "^0.4.23"
+  },
+   "repository": {
+    "type": "git",
+    "url": "https://github.com/SeleniumHQ/selenium.git"
   },
   "dependencies": {
     "@apollo/client": "^3.3.20",