diff --git a/.github/workflows/dependabot-work-item.yml b/.github/workflows/dependabot-work-item.yml
new file mode 100644
index 00000000..e29e1560
--- /dev/null
+++ b/.github/workflows/dependabot-work-item.yml
@@ -0,0 +1,18 @@
+name: dependabot-work-item
+
+on:
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ create-work-item:
+ if: ${{ github.actor == 'dependabot[bot]' }}
+ uses: UKHO/repo-auto-patch/.github/workflows/create-pr-work-item.yml@v1
+ with:
+ pr-url: ${{ github.event.pull_request.html_url }}
+ work-item-title: "FSS UI - Dependabot update"
+ work-item-description: "Please review PR. Created by the dependabot-work-item action."
+ work-item-tags: "File Share Service; TD2; Technical Debt"
+ secrets:
+ ado-pat: ${{ secrets.ADO_TOKEN }}
diff --git a/NVDSuppressions.xml b/NVDSuppressions.xml
index 8723aeb2..ff775304 100644
--- a/NVDSuppressions.xml
+++ b/NVDSuppressions.xml
@@ -4,10 +4,14 @@
^pkg:npm/vite@.*$
GHSA-8jhw-289h-jh2g
+ CVE-2024-31207
+ GHSA-64vr-g452-qvp3
+ GHSA-9cwx-2883-4wfx
@@ -29,16 +33,6 @@
CVE-2024-28863
cpe:/a:tar_project:tar
-
-
-
-
- ^pkg:npm/vite@.*$
- CVE-2024-31207
-