From 606a7c532c4f5407e4a6d483cc16b7d59a3e2c35 Mon Sep 17 00:00:00 2001
From: norbertogarcia-okta
Date: Fri, 27 Jun 2025 12:47:04 +0200
Subject: [PATCH 1/7] Create test.yml
---
 .github/workflows/test.yml | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 .github/workflows/test.yml
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
new file mode 100644
index 0000000..8065235
--- /dev/null
+++ b/.github/workflows/test.yml
@@ -0,0 +1,8 @@
+name: test
+
+on:
+ pull_request: {}
+jobs:
+ snyk-cli:
+ uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main
+ secrets: inherit
From cc3fef6cebdc6802553b7f1238034948e2d168ee Mon Sep 17 00:00:00 2001
From: norbertogarcia-okta
Date: Fri, 27 Jun 2025 14:29:15 +0200
Subject: [PATCH 2/7] Update test.yml
---
 .github/workflows/test.yml | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 8065235..bba428b 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -5,4 +5,6 @@ on:
 jobs:
 snyk-cli:
 uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main
+ with:
+ runner: ubuntu-latest
 secrets: inherit
From 4fcd45ed6edbcec292b99e543e5db6d31227d69e Mon Sep 17 00:00:00 2001
From: norbertogarcia-okta
Date: Fri, 27 Jun 2025 14:50:47 +0200
Subject: [PATCH 3/7] Create test-gha
---
 .github/workflows/test-gha | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 .github/workflows/test-gha
diff --git a/.github/workflows/test-gha b/.github/workflows/test-gha
new file mode 100644
index 0000000..af03720
--- /dev/null
+++ b/.github/workflows/test-gha
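Review bot: The reusable workflow added in PATCH 1/7 is referenced by a mutable ref, `sca-scan.yml@main`, and called with `secrets: inherit`, so whatever the `main` branch of `auth0/devsecops-tooling` holds at run time receives every secret available to this repository. Pin the reference to a full commit SHA, `uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@<full-commit-sha>`, and replace `secrets: inherit` with an explicit `secrets:` map limited to the names the called workflow declares (presumably the Snyk and signal-handler tokens; its definition is not visible here). The same `@main` ref appears on the `sca-scan` action in PATCH 3/7, and `actions/checkout@v4` there is a movable tag as well. PATCH 2/7 leaves both lines unchanged.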
@@ -0,0 +1,18 @@
+name: test sca scan gha
+
+on: [pull_request]
+
+jobs:
+ test-scan:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout app code
+ uses: actions/checkout@v4
+
+ - name: SCA
+ uses: auth0/devsecops-tooling/.github/actions/sca-scan@main
+ with:
+ SIGNAL_HANDLER_DOMAIN: ${{ secrets.SIGNAL_HANDLER_DOMAIN }}
+ SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }}
+ SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
From e1f47e3fa4af4e0895d55f93ae9e71bdcf900551 Mon Sep 17 00:00:00 2001
From: norbertogarcia-okta
Date: Fri, 27 Jun 2025 14:51:44 +0200
Subject: [PATCH 4/7] Rename test-gha to test-gha.yml
---
 .github/workflows/{test-gha => test-gha.yml} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename .github/workflows/{test-gha => test-gha.yml} (100%)
diff --git a/.github/workflows/test-gha b/.github/workflows/test-gha.yml
similarity index 100%
rename from .github/workflows/test-gha
rename to .github/workflows/test-gha.yml
From 690b45d10e4c5a831868463f4f02c28d966359d8 Mon Sep 17 00:00:00 2001
From: norbertogarcia-okta
Date: Fri, 27 Jun 2025 14:53:28 +0200
Subject: [PATCH 5/7] Create pom.xml
---
 pom.xml | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)
 create mode 100644 pom.xml
diff --git a/pom.xml b/pom.xml
new file mode 100644
index 0000000..1584f85
--- /dev/null
+++ b/pom.xml
@@ -0,0 +1,51 @@
+
+ 4.0.0
+ dependency-validation
+ scan-target
+ 0.0.1-SNAPSHOT
+
+
+ org.apache.httpcomponents
+ httpclient
+ 4.3.2
+ jar
+ compile
+
+
+ org.apache.httpcomponents
+ httpclient-cache
+ 4.3.2
+ jar
+ compile
+
+
+ org.apache.httpcomponents
+ httpmime
+ 4.3.2
+ jar
+ compile
+
+
+ com.fasterxml.jackson.core
+ jackson-core
+ 2.4.0
+
+
+ com.fasterxml.jackson.core
+ jackson-databind
+ 2.4.0
+
+
+
+
+
+ maven-compiler-plugin
+ 3.5.1
+
+ 1.7
+ 1.7
+
+
+
+
+
From 6455944b2736767447af55f6bc5b5702533300b2 Mon Sep 17 00:00:00 2001
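Review bot: The `test-scan` job created in PATCH 3/7 (`.github/workflows/test-gha`) declares no `permissions:`, so its `GITHUB_TOKEN` gets whatever default the repository or organisation has configured, which may include write scopes. A scan job that only reads the tree can state that explicitly with `permissions:` / `contents: read` under `test-scan:`. The checkout step can also take `with:` / `persist-credentials: false`, so the token is not left in the workspace's git configuration for the third-party `sca-scan` step that follows.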
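Review bot: Nothing in the `pom.xml` added by PATCH 5/7 says that its dependency versions are old on purpose; `httpclient` 4.3.2 and `jackson-databind` 2.4.0 are long-superseded releases, and the coordinates `dependency-validation` / `scan-target` suggest the file exists only to give the SCA workflow something to report. A header comment would make that explicit, for example `<!-- SCA scan fixture: versions are intentionally outdated; do not build, publish or upgrade -->`. Without it an automated dependency updater or a later contributor may "fix" the fixture, or copy these versions into real code. The XML markup of this hunk is not visible on the page, so the note rests on the element values only.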
From: norbertogarcia-okta
Date: Mon, 30 Jun 2025 11:05:44 +0200
Subject: [PATCH 6/7] Update test-gha.yml
---
 .github/workflows/test-gha.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/test-gha.yml b/.github/workflows/test-gha.yml
index af03720..3bf3618 100644
--- a/.github/workflows/test-gha.yml
+++ b/.github/workflows/test-gha.yml
@@ -1,6 +1,9 @@
 name: test sca scan gha
 
-on: [pull_request]
+on:
+ pull_request_target:
+ branches:
+ - main
 
 jobs:
 test-scan:
From f3c34cfff2f31e58df49191312f48febfd84fdc6 Mon Sep 17 00:00:00 2001
From: norbertogarcia-okta
Date: Mon, 30 Jun 2025 11:05:54 +0200
Subject: [PATCH 7/7] Update test.yml
---
 .github/workflows/test.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index bba428b..c511d99 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -1,7 +1,9 @@
 name: test
 
 on:
- pull_request: {}
+ pull_request_target:
+ branches:
+ - main
 jobs:
 snyk-cli:
 uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main
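Review bot: Under `pull_request_target` the scan in `test-gha.yml` (PATCH 6/7) no longer examines the pull request: the `actions/checkout@v4` step from PATCH 3/7, outside this hunk, has no `ref:`, so it checks out the base branch, while the job now runs with repository secrets even for pull requests from forks. The obvious follow-up of checking out the PR head would place untrusted content in a job that holds `SNYK_TOKEN` and `SIGNAL_HANDLER_TOKEN`, so it should not be the fix. If fork PRs do not need the secrets, keep `on: pull_request`; if the trigger stays, add `permissions:` / `contents: read` to the job and a comment above the trigger such as `# pull_request_target: runs with repo secrets; this job must never check out or build the PR head`. PATCH 7/7 makes the same switch in `test.yml`, where `secrets: inherit` (from PATCH 1/7, outside that hunk) forwards all secrets to the `@main` reusable workflow under this trigger.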