From 353e5b632f2705bdd501504c3663807c54b82f10 Mon Sep 17 00:00:00 2001
From: Sakthi Prakash K
Date: Mon, 2 Mar 2026 18:19:23 +0530
Subject: [PATCH 1/2] chore: increase high and critical vulns thresholds
---
 action.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/action.yml b/action.yml
index 0a2ed66..913efb2 100644
--- a/action.yml
+++ b/action.yml
@@ -4,11 +4,11 @@ inputs:
 MAX_CRITICAL_ISSUES:
 description: 'Maximum allowed critical issues (with fixes)'
 required: false
- default: '1'
+ default: '10'
 MAX_HIGH_ISSUES:
 description: 'Maximum allowed high issues (with fixes)'
 required: false
- default: '1'
+ default: '25'
 MAX_MEDIUM_ISSUES:
 description: 'Maximum allowed medium issues (with fixes)'
 required: false
@@ -90,8 +90,8 @@ runs:
 const mediumNoFix = process.env.medium_no_fix || '0';
 const lowCount = process.env.low_count || '0';
 const lowNoFix = process.env.low_no_fix || '0';
- const maxCritical = process.env.MAX_CRITICAL_ISSUES || '0';
- const maxHigh = process.env.MAX_HIGH_ISSUES || '0';
+ const maxCritical = process.env.MAX_CRITICAL_ISSUES || '10';
+ const maxHigh = process.env.MAX_HIGH_ISSUES || '25';
 const maxMedium = process.env.MAX_MEDIUM_ISSUES || '0';
 const maxLow = process.env.MAX_LOW_ISSUES || '0';
 const failBuild = process.env.fail_build || 'false';
From b20d7adf1d0c4b7afab80b195ade8ee3df6edb7c Mon Sep 17 00:00:00 2001
From: Aravind Kumar
Date: Tue, 3 Mar 2026 11:02:12 +0530
Subject: [PATCH 2/2] Delete .github/workflows/sca-scan.yml
---
 .github/workflows/sca-scan.yml | 18 ------------------
 1 file changed, 18 deletions(-)
 delete mode 100644 .github/workflows/sca-scan.yml
diff --git a/.github/workflows/sca-scan.yml b/.github/workflows/sca-scan.yml
deleted file mode 100644
index 2307d48..0000000
--- a/.github/workflows/sca-scan.yml
+++ /dev/null
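Review bot: The new `default: '10'` for MAX_CRITICAL_ISSUES and `default: '25'` for MAX_HIGH_ISSUES loosen the gate for every caller that does not set these inputs, so a workflow that tracks this action picks up the higher tolerance without any change on its side. The descriptions say these counts are for issues with fixes available, which makes a tolerance of ten fixable criticals hard to justify as a shared default. I would keep `default: '1'` here and let the repositories that need headroom pass a larger value through `with:`, or at least state the default and the reason for it in each `description`. The rest of the `inputs:` map is outside the hunk.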
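Review bot: The fallbacks `|| '10'` and `|| '25'` repeat the input defaults from action.yml, so the limits now live in two places and, when the variable is unset or empty, the script allows ten criticals where it used to allow none. A fail-closed fallback keeps a wiring mistake from widening the gate: `const maxCritical = process.env.MAX_CRITICAL_ISSUES || '0';` and the same for `maxHigh`. These values stay strings in the visible lines; the comparison is outside the hunk, so it is worth confirming that it converts both sides to numbers, because as strings '9' sorts above '25'. The enclosing script starts and ends outside the hunk.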
@@ -1,18 +0,0 @@
-name: Source Composition Analysis Scan
-on:
- pull_request:
- types: [opened, synchronize, reopened]
-jobs:
- security-sca:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@master
- - name: Run Snyk to check for vulnerabilities
- uses: snyk/actions/node@master
- env:
- SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- with:
- args: --all-projects --fail-on=all
- json: true
- continue-on-error: true
- - uses: contentstack/sca-policy@main