From b9ac8b0981880f0bac3c30d0ed960558674d8e70 Mon Sep 17 00:00:00 2001
From: William Morland
Date: Sun, 29 May 2022 13:50:08 +0100
Subject: [PATCH 1/3] Use Dependabot to keep GitHub actions updated

This will open pull requests if there are new versions of the GitHub actions used by the repository.
---
 .github/dependabot.yml | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 .github/dependabot.yml

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..d872ee7
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,11 @@
+version: 2
+updates:
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "daily"
+ reviewers:
+ - "wmorland"
+ labels:
+ - "security"
+ - "devx"

From aeff86da5ca4c110964fedf8903060c0c2df8baa Mon Sep 17 00:00:00 2001
From: William Morland
Date: Sun, 29 May 2022 18:39:17 +0100
Subject: [PATCH 2/3] Add SECURITY.md and security.txt

---
 .github/SECURITY.md | 218 ++++++++++++++++++
 .../alfred_py3_default_browser.xml | 2 +-
 .wellknown/security.txt | 25 ++
 3 files changed, 244 insertions(+), 1 deletion(-)
 create mode 100644 .github/SECURITY.md
 create mode 100644 .wellknown/security.txt

diff --git a/.github/SECURITY.md b/.github/SECURITY.md
new file mode 100644
index 0000000..f2eb770
--- /dev/null
+++ b/.github/SECURITY.md
@@ -0,0 +1,218 @@
+# Security Policy
+
+I welcome feedback from security researchers and the general public to help improve this project's security. If you
+believe you have discovered a vulnerability, privacy issue, exposed data, or other security issues in any of the
+project's assets, I want to hear from you. This policy outlines steps for reporting vulnerabilities to me, what I
+expect, what you can expect from me.
+
+## Our Commitments
+
+When working with me, according to this policy, you can expect me to:
+
+- Respond to your report promptly, and work with you to understand and validate your report;
+- Strive to keep you informed about the progress of a vulnerability as it is processed;
+- Work to remediate discovered vulnerabilities in a timely manner, within my operational constraints; and
+- Extend Safe Harbor for your vulnerability research that is related to this policy.
+
+## Our Expectations
+
+In participating in the project's vulnerability disclosure program in good faith, we ask that you:
+
+- Play by the rules, including following this policy and any other relevant agreements.
If there is any inconsistency
+ between this policy and any other applicable terms, the terms of this policy will prevail;
+- Report any vulnerability you’ve discovered promptly;
+- Avoid violating the privacy of others, disrupting the project's systems, destroying data, and/or harming user
+ experience;
+- Use only the Official Channels to discuss vulnerability information with me;
+- Provide me a reasonable amount of time (at least 90 days from the initial report) to resolve the issue before you
+ disclose it publicly;
+- Perform testing only on in-scope systems, and respect systems and activities which are out-of-scope;
+- If a vulnerability provides unintended access to data: Limit the amount of data you access to the minimum required for
+ effectively demonstrating a Proof of Concept; and cease testing and submit a report immediately if you encounter any
+ user data during testing, such as Personally Identifiable Information (PII), Personal Healthcare Information (PHI),
+ credit card data, or proprietary information;
+- You should only interact with test accounts you own or with explicit permission from the account holder; and
+- Do not engage in extortion.
+
+## Reporting a Vulnerability
+
+To report vulnerabilities please email [github@williammorland.com](mailto:github@williammorland.com) and include:
+
+- "SECURITY" in the email subject line
+- A description of the issue
+- Steps to reproduce the issue
+- Affected versions
+- Suggested mitigation (optional)
+
+### Encryption
+
+When possible we recommend using [encryption](https://www.openpgp.org/software/) to report serious vulnerabilities. You can find our PGP Public key below and
+in the project's [security.txt](../.wellknown/security.txt) file. Please reach out to the contact address if you have
+any issues or prefer an alternative form of encrypted communication.
+
+
PGP Public Key +

+
+https://keys.openpgp.org/search?q=9AEC89F0B43B891754292434C0394F55B26FEB90
+
+[openpgp4fpr:9AEC89F0B43B891754292434C0394F55B26FEB90](openpgp4fpr:9AEC89F0B43B891754292434C0394F55B26FEB90)
+
+```Public Key
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBGKSnNEBEACogRUbElf5CCH4/jzncwaGFklDJbD+GcvuMaZcvQBEUiMcp2LS
+UCzBH55qmGai1kJPsAWDtWX7hqepcri48kTBqkXZtWPvqKLnwBegJKnyi+6AiO4O
+LhgnphNVr1eoWMsaW3+pdMHJX7vJu6K3XJdn3qJ5sUWilPdRcSJbaAazdPBobBKk
+ZBNfRg7Bq5+xJz/suYHl0U8Of2ADkfTSeBvtgIgXYR9rRTWTzpak7pm22M61ArqA
+9RYqU0wJPRH2GUKJehe7oDjSJekcPHJLDENo8w7m/n4kiX8CmkzJGATcASrR0Her
+oTDldatbo10TAcHxxtd2k2txZMLlfy6tGQDyQ1oBy31Q2sJ9Gq8c1YdzqAHLN11g
+7qNlfBIrgbyLpYCto/kqmVpDEFApMmE7zFd765iuQQUfO/Cv5UlXqRIqpm3NJZDv
+QQM8p8R9f44BFUjzmsBfnNx+4o+CjpL9LjnZ0Mn4NfpFwlQjrPE+ThY9JLb5MxF9
+i+lmS2JfLAPu+YhGtR9RSZ02KtKNC+I9Hp2bIg21z2GeciaaV1dEYyDoB8WjDfjp
+vrEBQ5+esKkz0B5p263PM5H5rDx6eIMoMtRJHT3+/k1MMtNuNHuiRtKfAK0YCNNA
+1zznS0JbRkRIje0846OsTN9E3hVI80KF3rPUxOMXgksGsvt4Nd36fp8F2wARAQAB
+tCtXaWxsaWFtIE1vcmxhbmQgPHdpbGxpYW0ubW9ybGFuZEBnbWFpbC5jb20+iQJP
+BBMBCgA5AhsBBAsJCAcEFQoJCAUWAgMBAAIeBQIXgBYhBJrsifC0O4kXVCkkNMA5
+T1Wyb+uQBQJik3TqAhkBAAoJEMA5T1Wyb+uQZZ4P/iBbfMuBZBqKxtAqcX22pKBz
+0h6TLP0h96/OkCGtOxgHqCAIjhCbwHoCdzsS0fUjuWdIiKhlrHOwLfMCs6pJNfHv
+zWA9Q8ueeNwIVwNa6VLng3GePjq3rKgE+ioDvMeD13L8XOWPmf2c2uy+nJ02UVPP
+LGY3u3Y6CfKrCIXpJo+6FKLgIjQi1GPKyJfXcNGuLrTUAgXq1SBPKWEzL8v1rrrt
+kdua7RbDQ+wCHHMUT0CoAYCsvm/Ex0LbIAcAul71V//TiayATkkRk0iquy/k2H4T
+6e4dkNVt1QIbdJzUeKYXlY2la5dVUoeGs+DgiW1OzWq6mmWbcJPEA2ECReqFJDvb
+gzpcO3JMnwTiZqjmIF4zEtLONQyfK89IJtI/BAB9i7O1RiNBBS/7ZYmjA25hyr1o
+OZFaK+ykvLRuvmobTnjujlcmzmU4J+NgRsjk/fg8jPbkuEkSwYosuORAd/CAM8cN
+MxvfHHx5FbDne6NRM0XikOEN52mNReXYoC0mrA98ZKNMjt1+YeXx0naukNmKVibC
+/kggU6FTKogfdHb4t7GGqcCIq3bltrBBm0u3e+JyhyQe4PCKIoQ2WGNY9EKCQ4Ef
+CFgK5iWxsR04QYnQP2qBtFVfTFQqAPSzDYUdJbPG/Xsh2gEa2eombkrR4UGSUEOO
+s6fM5uFV+1nYEdWAzhPqtCtXaWxsaWFtIE1vcmxhbmQgPGdpdGh1YkB3aWxsaWFt
+bW9ybGFuZC5jb20+iQJOBBMBCAA4FiEEmuyJ8LQ7iRdUKSQ0wDlPVbJv65AFAmKT
+dS4CGwEFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQwDlPVbJv65DUfg/+OkrT
+VDMBHe/Y7yXhKRhdVhBFmthIUYxpiM8FGsu6taXDryYXjJcF/LdGzKAXqdHY2Dul
+daj2zFK9V05xZ9/jEUBqo1iQlaqqebelie3bWAgJWBo8+smqzbXUh8Xb6qzMSpJo
+H/aJG6tv63TYZcskXIm9L295ZGX0xfjIH/ID9PTnH5jTV39iBXGJjJe7PMeZAR5x
+HAkDb6O0PJgCJxDsP80by44i6DU2jW7/FZBATEFMgr10hZVb7DAjWPvQv5b5YBjv
+7NFfkRhKP0KbOv3MEeBWn/57ajwES3bl6ZmQgt8mLE/Cjp0dD4JMEEILiVNNkttL
+JcShIG4MJhlpQWM4O13u9Ygc2kOePhjBK71pSj1CsuLuvBgc0o15J5uQ6zb01wuD
+LMhGf6O/YfbAeu2KavvlkOU/HStG+eY3niE3WEn+jtRwPOl6Tjo/BSehLw8FulQg
+o5XamfzA/UD68MzOZAnx22Nj8HtWDrOIlEJnNjF6bgE1IRxSsZ5McXgLuSup6Xgx
+OhudpRbHxfs4rNihomwvm8ZzhxJ8w7iv24BESMHt0QPu0J3ZLwbv4HG2v8NtZN56
+qdOJWKY49lG2XHh7aYiwnfSAVXlz4Hi1krU0CKHZrln1WenuqqtDIYHSrby3C6NY
+omH7IAGOoYIhLnuUem/DO73RzPmJWHqUk+cE1cC5Ag0EYpKdSQEQAL9vNyNkLdud
+nhSNG4yoPfLU982ETqzw6bQFjYNnvByOkvin/24TPnhJM+I7X9mm/+lqW7veqXrZ
+4w3H1yLGTb8vQQ4sJSTj0rbiEEW4bwkg+svYFOSANoG4iCb+uy2R+f9Wa0hSXeJo
+sIFda41mhLhVu2vw7sHxIsMcmKDuKdIJsyP52IMxmWa2UCwv1JQcNEF/e3SV/Mn2
+ecK1ZalMmd04r7nQCfQY188sEkZrxgHgq1YvhDP6CvIbNHbvcwdcICNKySzkJRn3
+oNIph2nwWJ9Z0JEkLmaWszoL5nwge9ftoXOASyRqNYmyqvJEdyDUNPU386avFv8t
+R6fskShTZ6O4XVsYi6+TqoXhZJbp8QgHZMLO6Or6tvFu/4+Exp6HuXvwbTrXVCRj
+wCdHsvAialKroHU+iN9U/KFN4qWfAZ9vIvBxBt+Wis5GKX7+B6Du0VULCP5je7zQ
+V5E6kypRtPHa4cIIA3LGAKus8h5BR1zNn/jESafy+dxtysV0yS1D4idTAncG839I
+Ts0jryAuW9qNdpfdoybhar/yDwg2+8rpEOdi4asoLTGFecYhBSYvrQBSam2hG8ti
+SgIF7BJOuxHbltnFof3ImQWv3Uy+L/2Y4RU0tLFyj56bF+NMaS7hSCNvzKBnRN6u
+MPbK3FibEHX+1K/O34/2AWRJthstPTM/ABEBAAGJBHIEGAEKACYWIQSa7InwtDuJ
+F1QpJDTAOU9Vsm/rkAUCYpKdSQIbAgUJAeEzgAJACRDAOU9Vsm/rkMF0IAQZAQoA
+HRYhBMP8d6E0SI9cnKEwpFxkMJa8N/JHBQJikp1JAAoJEFxkMJa8N/JHyf8P/0TW
+yPRmI+80ERODidNyMb/3CdY8P9j2MQq9oOLEnV0zmlSMhAQR0bCGAt6jA+SBnvVq
+1idEugIf+W1YnlYkxpTf8wrBGcxdjuZTUgVlAs5idWN2QDEUEXBdL231HktKV3vN
+HsQJ2sWx4lW6Zp/oexDNqAkdjvuoNakIqq0NNJT3XM0s00Oxki2C7uPrcqy5S0zD
+Vh/Ls0q1kz8XrDAJ/ZysQAZFGzyJD/OUd54EnlIeHxt5Qhis3Of6xYV6Ix1+c5/c
+B3effxcXo0dL7FCEQpNaYKcRkO70YGGL0UE2izamm56QJxADPyrrKnqT6/ru2w16
+8UaY3FvdZjceeT7pkf9Vh/qhBfpi6OCQIscHCTx+D0bP5320c2A48EZHqNY61TcO
+JH5yZmHe4cjd/5AJaZAefxdieUkQvnPfJYcp7PKsuXxzaKaJRVldKpMhutRR77cI
+vpBTfrQhiYPCEuQ85lhajqnZJlwHptfLd///OT5ZebDz8vJ3/tRrApQSgCf8bXMx
+ZnrL2EtyV+wAxAbdWAkm4CWiWP19g+2DNEOvKZNqmg7pJ5P3MAk5tutBShuAxUk3
+7NxW/vnvtSgda2iZoV8R958SY3lk2ePNViNnk8CF7ba3+6jU6KriaBhbONcubKYc
+Jmg64DfTV7NyagBCqeoIfN8REK4zcZq/prgIzvnGMYoP/16vJeRUR47xqy/edg2N
+ShOeyxCuCXbmNO+LtXuDgdgSsjMldUDrwzxzaFvYHBw43CdigT6rS/sAJIAy6EU0
+lg76KhJ8AhaCZ4sE/S7qmD9dEIwRwVOEgGXp48W9ZYvOrz4cs/xAiBp7w4Ea/6sv
+tl6/HFKKOvKmTQMZTcIUL7tNWhKokx2aW9aZI00hd2sa1D/36nkx/xLQ3sPJPUyx
+or1DsF8eVJPTQYmvh7M9M8oQbSjZD4ZIZe7E54s4LOjCoU7xTgNRw9/8MhTxLc72
+lFYMZlMrF3O0QJJqHKE+5PVoWX3rdAb6HBx2LiTMTtJaqodcdoMvV0xxgmotRC8D
+FfoqeDJouY22vfGjst4PZ7/JBDNrtoCzEmNApiIHG2KjgsCViJu0XQYNG4TklIPI
+piUPy2ITGt+ufuEFgMVBlmmsMGHMZqqopnj3tYFXrAKElsKCwq3n0cDmfwXGJkE9
+shXNtrhzArogRM7GMK9G+dWp5yYUMOb9SV/5xBTj6Gwm976JQcugxH1Byyh08BMm
+7X2aLQlEe/0j+O8ffcY42R3CK3UeBHosXmxsZYzQnJ3WX8zr0Nw5CId/g4KVa2o2
+e5aRhMDX00z+P7ZS1s07QWPZEJKax7tTZY1/L0KNzkXguyW7cbXd3IiJ4ZpGvwWD
+QfK7555XILc0cO9pOt7GYdnuuQINBGKSnYEBEAC9Xh6yQwdlsVzIzag1vrBmA0kl
+HWvhtb4xZrNtIXNRasKblSnW0s+JRf0vdaGX7berlcl7oIVntPLg1g45iypZSuP1
+cYN0F1rsqVmu51p5YUvU1r4xhf295eRkLd7rrIU4knOcLjVwR6D/pqm4RiDsBK5g
+4HDYhMuTB9WU+ARHwjtyP5IPrWuC6cw8QkePi7zP6oUILuvf5c+FM2iEzRFTjlFT
+T2FC5lwcmWRowBN87uXj4USbJ9lIChLMeezK3K9dimh8S2bKQhSBv4BwGhTeVmzl
+Dc78fu6g5d/4n4PLMAA2Mr+wmnRHBx4KVQ1HWg/ealT+vQj3376CrmlmmNkcPPmu
+HQ1ND0ssHb6iI6GVJmx6Km/q/Twd3F9lPwi1D2flfc+y4nzhyDYpOTOx+NiyoSpv
+LHXvQ/5IvADzwbrPlskK2QcFj/QwpDktbbi/Urw1iSD0lPAbbwUL/cTiWiG725w0
+Uew0eY8pABeDBlTvS6U35fsi//kJsT5wEjQT3LOomwdqjnGdxYF7dimGMFobRYZL
+67sS4yDQYXODxIR2EmevJgGB0WRowY2dn3osLFT1VLOMfR7F5haY/4S7F6KHwGME
+Vgp5IlAgUS/zVRSz6HrqxxHi8C/zrPxrgGYoLxKm4qglnki8BQp+/DlG9xEv7rQR
+QU1Ap2H70KsXpP1PjwARAQABiQI8BBgBCgAmFiEEmuyJ8LQ7iRdUKSQ0wDlPVbJv
+65AFAmKSnYECGwwFCQHhM4AACgkQwDlPVbJv65Cm/w//R8jeMVHIYBtlHkNfJdm0
+/yt6TvXaCUp2Ayj/m9fvJYuY6PcdpCdMtKOpiOPPQfdUuXHv0eHivx2bqzkXwAHw
+3v21bHUSiY/y2MMbqAJoRKdtIjXmetBGHNeW+dlCg/vfGBGYXnbq0pQznVwKyi09
+gqXngr5EdWIgnX3+4avrxSBkTKyZi3KiWJ/QXD+c2K6i3libd+zHfGGGlMkQfFeO
+f6eCrF4pzIlfSLggNhnxhudXfxyqKOJOEwKoOSoAnpGwQhyBZZehquh5jSyfHwRH
+dS+uuMiVx9WH5VlItqyTfDc/XY6oAvPpIuoaWKNdKgo2PwxyZIpb1XECHLt2eQ0n
+jjAPy76mP/yz9Xxf6O8Ht7K5PRmf2htFR1PM7oJGEyD770GBTu0ACIuSs39FEZNY
+6TydzBfZV1Wa6Y31FbZU1ZOdIcZbYX71KqGbqvQ/LSKw0uHtaLqYMDgIIImgChYO
+eP9vufmwJvyvMkc6Ftzw8ZQkGhkkyvwcBZbb6BQo7xkd5nEch87F7y7NBy6FcC/O
+sQt1fCCOfY+3UOBkNxPUe0EMNH+smj057lVpsiH/6wSYh657SRxPAF8IV+dKI9hh
+tlpCi2Q1U1lS/NN6VNoSgIDTroh3G/vw4lmiEWhusqCFIRr39/hfuZGJQ3euxPcP
+i6NmHDJdGA1YveVXPfGlWPi5Ag0EYpKdugEQAMDc7/TdXSi0lAfwQls54NVfavmv
+dumX+A7hseK3rZugfzepMs3716AxbPYhKRGn5bwv0426vrDnqdtI39yg1ZMLyphX
+6tV5XstpLXWWbj1utUT+uOZRExhyX3Izz5s7KM+dUKLiL8cvXyEnlCkKkrRG9wTr
+tAX58K2a9ErpuxovUYLIvi10pLds+04E7LFNmRIBBYfDRu/JwALvaauMHwxrZHjg
+nmyRszamTFLM4mDueZgFd8IPK5NELPICcfl1uskZG/bflWsTpj+3Jd01KcWHwhnM
+yBa7vPjqsVTyjU+8u/VIq94IAYI1BPYC5+k9AP6BQgk1+grv2v17W9FwULjFOGyI
+ZuFk243msAshc52Jai/Fs193BX01+XUwCpODLawzcKDn7kwmr86A5fXFyOKYy46b
+n3+jGIG8qLjqbLZwYOZsI6lFOQSrx0fOk9quIFjQ0oMPc36qFT9gaYoX4tE2xtMi
+W/Hr/OsJ3j6tdm+kZIScQezCXB2x4oFqIuo5iAhnRB7SdIri3Scix4qwwVb+MEoq
+SyvyD4iVZAtbIVsZaZnOQk+owp75ojQXiUr5dspRo+WPN+/eCm+W04fZpOs1f61h
+6QITf4A538F6O4wxTpgWndaa7Y3b93LBz6HBIF6E2vONJeLA55luRqSYAfm4czHx
+RzWZ6ps6gZsI7povABEBAAGJAjwEGAEKACYWIQSa7InwtDuJF1QpJDTAOU9Vsm/r
+kAUCYpKdugIbIAUJAeEzgAAKCRDAOU9Vsm/rkHaTD/9xc57AosdrHLblT3xq6wuv
+/YeNHSiMMktE0KLXBAmCTkIp3Z8n44ZuQjqCXXjVUuBf6mDuICnTkJUqOHV19g0p
+2m93H5eHBcnFVYnMNv/Lefohpd+8GO2PAKaFTyAt3mn1QZnq921MfM70ywI/0uyu
+Vf0TOj3C4Aqfw2qY4pjoyp/PldeNb/lEwjKchUm0/iqRhx8pXKbIgC4y2+VX8GZH
+lGqlRhcQfRnKg8GQKyWVBORZ8gD6saedwtNfA2wOLgNbd53Xo4WhfUHI9Y0icBho
+yLcLTmjzmqWr1kkSz7dp3DjUWKHGq0Gn1+/qSdKU7VoJ9tpcWzBJ7yq6OW941IDP
+hkcDOlO15ewI1NRypLbL4eu1wEmdBTJ7Rle/re5evNxr4uS2WTgcD5Mf5xFFXfG+
+t5v9yiSEU/oMlMdRK8Y+ZxEyxtF2BZhSNuUzWZZGzRKrp7zHZ702UMC/B2WxdTpZ
+2GswQXK8V4/ieeFbvWA8hVWfVeHbZCnkv9HdhjPCIrayrt6OzPfIfpUid/gjTqRl
+HU/WYmGKI8l504p6RdJ7s9j3PFf5KKzUl3O4/6IuCVgv5y8+0LCZbG9Leb8A3NHt
+R5smX7zN009+ztiXJax2uSIZ878fmF8OpRB54d+N6lMaWLn9dK4QAQkb66UXpDQ4
+ZAG/MKT9kWU/Uj0Slf1YmQ==
+=YAxd
+-----END PGP PUBLIC KEY BLOCK-----
+```
+
+

+
+
+## Safe Harbour
+
+When conducting vulnerability research, according to this policy, we consider this research conducted under this policy
+to be:
+
+- Authorized concerning any applicable anti-hacking laws, and we will not initiate or support legal action against you
+ for accidental, good-faith violations of this policy;
+- Authorized concerning any relevant anti-circumvention laws, and we will not bring a claim against you for
+ circumvention of technology controls;
+- Exempt from restrictions in our Terms of Service (TOS) and/or Acceptable Usage Policy (AUP) that would interfere with
+ conducting security research, and we waive those restrictions on a limited basis; and
+- Lawful, helpful to the overall security of the Internet, and conducted in good faith.
+
+You are expected, as always, to comply with all applicable laws. If legal action is initiated by a third party against
+you and you have complied with this policy, we will take steps to make it known that your actions were conducted in
+compliance with this policy.
+
+If at any time you have concerns or are uncertain whether your security research is consistent with this policy, please
+submit a report through one of our Official Channels before going any further.
+
+> Note that the Safe Harbor applies only to legal claims under the control of the organization participating in this
+> policy, and that the policy does not bind independent third parties.
+
+## Acknowledgements
+
+- Credit to https://github.com/Trewaters/security-README for helpful guidelines on setting up security files on GitHub.
+- Thanks to https://github.com/securitytxt/ for their work on standardisation.
+- Thanks to https://github.com/OWASP/ and particularly
+ their [Vulnerability Disclosure Cheat Sheet](https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.md)
+- Thanks to https://github.com/disclose for their Safe Harbour and other terms
diff --git a/.idea/inspectionProfiles/alfred_py3_default_browser.xml b/.idea/inspectionProfiles/alfred_py3_default_browser.xml
index 608ce2f..8d81d79 100644
--- a/.idea/inspectionProfiles/alfred_py3_default_browser.xml
+++ b/.idea/inspectionProfiles/alfred_py3_default_browser.xml
@@ -124,7 +124,7 @@ - +
diff --git a/.wellknown/security.txt b/.wellknown/security.txt
new file mode 100644
index 0000000..a87750c
--- /dev/null
+++ b/.wellknown/security.txt
@@ -0,0 +1,25 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+Contact: mailto:github@williammorland.com
+Expires: 2023-05-28T22:09:00.000Z
+Encryption: openpgp4fpr:9AEC89F0B43B891754292434C0394F55B26FEB90
+Preferred-Languages: en
+Canonical: https://github.com/wmorland/alfred-py3-default-browser/blob/main/.wellknown/security.txt
+Policy: https://github.com/wmorland/alfred-py3-default-browser/blob/main/.github/SECURITY.md
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAEBCAAdFiEEw/x3oTRIj1ycoTCkXGQwlrw38kcFAmKTrh8ACgkQXGQwlrw3
+8kdQjw//dGL2aSEGtb/K+auHjXslEI4izA8SAfs+ud2QgxsXA41Jx48dlLpoaQsA
+cwN1lM1XyhyVcMQdOZi1cgA+cSKteSVcWD9/drKrotMAbZ5KF6WNfFEfZ7lnaqkz
+XQSNHUC1XL+dSJCbC1+PwuuMnermdzMzRDR+BSr2g2he4/zpOiUwIycmBwg8oGjC
+WKLo7IBQUIb7Dcs4cc7UPg7rp7Ktj8doCIsxTbmtSxTqHOLJSeRzH2NHAd/e+5Lb
+iwNmc88bzBka4OU9/Cj28dQZ2p7DjAouh3yf/XxAG0NaVzP9iDIHhh85xfRWUUsW
+ni54Z4KVKsFqFCpKLe3zDhwki48yGcetPEO2jDjaFXak+A6QkqbNZ712JmMoM4IJ
+rHD12wOLW739nS2d4Jz1mAe4Gj++Vx66beWnKfK6iFoC6Rp79L0uCh1xscTN/J+x
+Lzj2nRDqdKCQiljnW0pBPMi7/FTH5JW9570JI0o36PAti5kZno+Ecia+b3bvkHql
+T31gCKsYKHFO8goL34x/0DeYy3GeQfT9UEb6HIZyLTxkfdPZUWQh3Iaqvypi9liG
+R4NJhC55jdRp9ttZPZ2zHoDWogZDpnW33RY86xYbcHaD9u7xNauZFffScS17YUlH
+yZ1qP3uZZ8Kj5+Kj9xVpwPdv35n6f1aIhhskJR5nTE64DHp1vMs=
+=3gfC
+-----END PGP SIGNATURE-----

From 41f39f16d6cb5f920eed1a4ec0bbdfee129151e9 Mon Sep 17 00:00:00 2001
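Review bot: The new file is placed under `.wellknown/` and the `Canonical:` field repeats that path, but the security.txt specification (RFC 9116) and the scanners that look for it use the `.well-known` spelling, so a reader or tool following the standard location will not find this file. The `Policy:` link and the `../.wellknown/security.txt` link added in SECURITY.md in this same commit would need to move together with the file, e.g. `Canonical: https://github.com/wmorland/alfred-py3-default-browser/blob/main/.well-known/security.txt`. The `Expires:` value is inside the cleartext-signed body, so renewing it next year also means re-signing the file rather than editing the date in place; a short comment or a calendar reminder in the repository would make that less likely to be missed. The `.idea` inspection-profile hunk above has lost its content in this rendering, so it cannot be reviewed here.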
From: William Morland
Date: Sun, 29 May 2022 19:09:58 +0100
Subject: [PATCH 3/3] Add CodeQL

---
 .github/codeql/codeql-config.yml | 6 +++++
 .github/workflows/codeql-analysis.yml | 37 +++++++++++++++++++++++++++
 2 files changed, 43 insertions(+)
 create mode 100644 .github/codeql/codeql-config.yml
 create mode 100644 .github/workflows/codeql-analysis.yml

diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml
new file mode 100644
index 0000000..8f1b48f
--- /dev/null
+++ b/.github/codeql/codeql-config.yml
@@ -0,0 +1,6 @@
+name: "My CodeQL config"
+
+queries:
+ - uses: security-and-quality
+paths-ignore:
+ - 'lib/**'
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000..91dbf98
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,37 @@
+name: "CodeQL"
+
+on:
+ push:
+ branches: [ main ]
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches: [ main ]
+ schedule:
+ - cron: '29 16 * * 6'
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'python' ]
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ config-file: ./.github/codeql/codeql-config.yml
+ languages: ${{ matrix.language }}
+ # Will need to change this as part of https://github.com/wmorland/alfred-py3-default-browser/issues/3
+ setup-python-dependencies: false
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2
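Review bot: The three `uses:` lines in the workflow reference the actions by mutable major-version tags (`actions/checkout@v3`, `github/codeql-action/init@v2`, `github/codeql-action/analyze@v2`), so whatever a tag is moved to later runs with this job's `security-events: write` token. Pinning each to a full-length commit SHA with the version kept as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v3`, removes that dependence on the tag, and the Dependabot `github-actions` entry added in the first patch of this series still updates SHA-pinned references. The job-level `permissions:` block is a good restriction already, but a top-level `permissions: {}` (or `contents: read`) would make the default for any job added later explicit as well. The `# Will need to change this …` comment on `setup-python-dependencies: false` would be more useful if it also said what the current value means, e.g. `# dependencies are not installed before analysis, so library code is not modelled (see issue 3)`.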