From 075accdfc11ec48e85bcc118deb32c0dcba73967 Mon Sep 17 00:00:00 2001
From: tanya732 <sinha.tanya26@gmail.com>
Date: Mon, 2 Feb 2026 11:41:31 +0530
Subject: [PATCH 1/2] Bumped versions

---
 .github/actions/maven-publish/action.yml      |  2 +-
 .github/workflows/build-and-test.yml          |  6 ++---
 .../workflows/gradle-wrapper-validation.yml   |  2 +-
 .github/workflows/java-release.yml            |  2 +-
 .github/workflows/rl-secure.yml               |  4 ++--
 .github/workflows/semgrep.yml                 | 24 -------------------
 .github/workflows/snyk.yml                    |  2 +-
 7 files changed, 9 insertions(+), 33 deletions(-)
 delete mode 100644 .github/workflows/semgrep.yml

diff --git a/.github/actions/maven-publish/action.yml b/.github/actions/maven-publish/action.yml
index 01e3a621..e049da38 100644
--- a/.github/actions/maven-publish/action.yml
+++ b/.github/actions/maven-publish/action.yml
@@ -17,7 +17,7 @@ runs:
 
   steps:
     - name: Checkout code
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
 
     - name: Setup Java
       shell: bash
diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml
index f86ed60e..3a4d34dd 100644
--- a/.github/workflows/build-and-test.yml
+++ b/.github/workflows/build-and-test.yml
@@ -10,8 +10,8 @@ jobs:
   gradle:
     runs-on:  ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-java@v3
+      - uses: actions/checkout@v6
+      - uses: actions/setup-java@v5
         with:
           distribution: temurin
           java-version: 11
@@ -21,7 +21,7 @@ jobs:
       - uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d
         with:
           flags: unittests
-      - uses: actions/upload-artifact@v3
+      - uses: actions/upload-artifact@v6
         with:
           name: Reports
           path: lib/build/reports
diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml
index ce302cb4..993496f7 100644
--- a/.github/workflows/gradle-wrapper-validation.yml
+++ b/.github/workflows/gradle-wrapper-validation.yml
@@ -6,5 +6,5 @@ jobs:
     name: "validation/gradlew"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v6
       - uses: gradle/wrapper-validation-action@8d49e559aae34d3e0eb16cde532684bc9702762b # pin@v1.0.6
diff --git a/.github/workflows/java-release.yml b/.github/workflows/java-release.yml
index 00771307..1ab703f9 100644
--- a/.github/workflows/java-release.yml
+++ b/.github/workflows/java-release.yml
@@ -29,7 +29,7 @@ jobs:
 
     steps:
       # Checkout the code
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0
 
diff --git a/.github/workflows/rl-secure.yml b/.github/workflows/rl-secure.yml
index ef329594..7dc1c4c4 100644
--- a/.github/workflows/rl-secure.yml
+++ b/.github/workflows/rl-secure.yml
@@ -32,12 +32,12 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           fetch-depth: 0
 
       - name: Set up Java
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           distribution: temurin
           java-version: ${{ inputs.java-version }}
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
deleted file mode 100644
index e0227e37..00000000
--- a/.github/workflows/semgrep.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-name: Semgrep
-
-on:
-  pull_request: {}
-
-  push:
-    branches: ["master", "main"]
-
-  schedule:
-    - cron: '30 0 1,15 * *'
-
-jobs:
-  semgrep:
-    name: Scan
-    runs-on: ubuntu-latest
-    container:
-      image: returntocorp/semgrep
-    if: (github.actor != 'dependabot[bot]')
-    steps:
-      - uses: actions/checkout@v3
-
-      - run: semgrep ci
-        env:
-          SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml
index 457b6afa..d299ee7b 100644
--- a/.github/workflows/snyk.yml
+++ b/.github/workflows/snyk.yml
@@ -30,7 +30,7 @@ jobs:
       - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group'
         run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection.
 
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           ref: ${{ github.event.pull_request.head.sha || github.ref }}
 

From b5de2ecc448304571af0481fcc1c3ab878727deb Mon Sep 17 00:00:00 2001
From: tanya732 <sinha.tanya26@gmail.com>
Date: Mon, 2 Feb 2026 13:00:01 +0530
Subject: [PATCH 2/2] Added semgrep.yml

---
 .github/workflows/semgrep.yml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 .github/workflows/semgrep.yml

diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
new file mode 100644
index 00000000..fbb7b6dd
--- /dev/null
+++ b/.github/workflows/semgrep.yml
@@ -0,0 +1,24 @@
+name: Semgrep
+
+on:
+  pull_request: {}
+
+  push:
+    branches: ["master", "main"]
+
+  schedule:
+    - cron: '30 0 1,15 * *'
+
+jobs:
+  semgrep:
+    name: Scan
+    runs-on: ubuntu-latest
+    container:
+      image: returntocorp/semgrep
+    if: (github.actor != 'dependabot[bot]')
+    steps:
+      - uses: actions/checkout@v3
+
+      - run: semgrep ci
+        env:
+          SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
\ No newline at end of file