[FEAT] Automate NPM Dependency Upgrades and PR Creation Workflow

[cb7chaitanya]

Set up a CI workflow that runs npm audit on every pull request to identify vulnerabilities in dependencies and ensure secure libraries are being used.

[Prakash-Raut]

Can i work on this ?

[cb7chaitanya]

Sure, go ahead
Assigned @Prakash-Raut

[cb7chaitanya]

We currently have a mechanism in place to check for outdated dependencies via npm outdated and notify the team if updates are available (implemented in trivy.yml). While this is useful, it requires manual intervention to update dependencies. To streamline the process and reduce human intervention, we need to enhance the current workflow to automatically create a pull request (PR) when new versions of dependencies are available.

@Prakash-Raut

[Rudra-Sankha-Sinhamahapatra]

Any update @Prakash-Raut