From 5938d38e2eb945d5fc0d9ce4a56d13d23324d6b5 Mon Sep 17 00:00:00 2001 From: Arunav Gandhi Date: Wed, 17 Jun 2026 22:27:44 +0530 Subject: [PATCH 1/7] Bump com.auth0:java-jwt to 4.5.1 and release Android Guardian SDK --- .version | 2 +- guardian/build.gradle | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.version b/.version index 42624f3..142464b 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -0.10.2 \ No newline at end of file +0.11.0 \ No newline at end of file diff --git a/guardian/build.gradle b/guardian/build.gradle index cc6846d..fd718a1 100644 --- a/guardian/build.gradle +++ b/guardian/build.gradle @@ -88,7 +88,7 @@ dependencies { implementation 'com.squareup.okhttp3:okhttp' implementation 'com.squareup.okhttp3:logging-interceptor' // JWT signing/verification - implementation 'com.auth0:java-jwt:4.5.0' + implementation 'com.auth0:java-jwt:4.5.1' testImplementation 'com.squareup.okhttp3:mockwebserver' // Mockito From 89edcbbbd53e460b4fff111ff7c8c67bcbd6a818 Mon Sep 17 00:00:00 2001 From: Arunav Gandhi Date: Wed, 1 Jul 2026 10:39:51 +0530 Subject: [PATCH 2/7] Fix SCA scan: set Java 17 and pre-resolve guardian dependencies --- .github/workflows/sca_scan.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml index 8bef070..08ef157 100644 --- a/.github/workflows/sca_scan.yml +++ b/.github/workflows/sca_scan.yml @@ -8,5 +8,7 @@ jobs: snyk-cli: uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main with: - additional-arguments: "--exclude=README.md,.jfrog" + java-version: "17" + pre-scan-commands: "./gradlew :guardian:dependencies --no-daemon --console=plain" + additional-arguments: "--file=guardian/build.gradle" secrets: inherit From 38ed42b41f869c07527877891d3a521765304c8f Mon Sep 17 00:00:00 2001 From: Arunav Gandhi Date: Wed, 1 Jul 2026 10:47:26 +0530 Subject: [PATCH 3/7] Fix SCA scan: fixed additional arguments section --- .github/workflows/sca_scan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml index 08ef157..6a468c2 100644 --- a/.github/workflows/sca_scan.yml +++ b/.github/workflows/sca_scan.yml @@ -10,5 +10,5 @@ jobs: with: java-version: "17" pre-scan-commands: "./gradlew :guardian:dependencies --no-daemon --console=plain" - additional-arguments: "--file=guardian/build.gradle" + additional-arguments: "--exclude=app" secrets: inherit From 8ff3655bc3c3b62ebfea0d3f270d3da270c27903 Mon Sep 17 00:00:00 2001 From: Arunav Gandhi Date: Wed, 1 Jul 2026 10:39:51 +0530 Subject: [PATCH 4/7] Fix SCA scan: set Java 17 and pre-resolve guardian dependencies --- .github/workflows/sca_scan.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml index 8bef070..08ef157 100644 --- a/.github/workflows/sca_scan.yml +++ b/.github/workflows/sca_scan.yml @@ -8,5 +8,7 @@ jobs: snyk-cli: uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main with: - additional-arguments: "--exclude=README.md,.jfrog" + java-version: "17" + pre-scan-commands: "./gradlew :guardian:dependencies --no-daemon --console=plain" + additional-arguments: "--file=guardian/build.gradle" secrets: inherit From d3d39c5e0e0b50d7976b2d972add02fe04c55500 Mon Sep 17 00:00:00 2001 From: Arunav Gandhi Date: Wed, 1 Jul 2026 10:47:26 +0530 Subject: [PATCH 5/7] Fix SCA scan: fixed additional arguments section --- .github/workflows/sca_scan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml index 08ef157..6a468c2 100644 --- a/.github/workflows/sca_scan.yml +++ b/.github/workflows/sca_scan.yml @@ -10,5 +10,5 @@ jobs: with: java-version: "17" pre-scan-commands: "./gradlew :guardian:dependencies --no-daemon --console=plain" - additional-arguments: "--file=guardian/build.gradle" + additional-arguments: "--exclude=app" secrets: inherit From 35346110725734a11c6e51f60687115e536b2189 Mon Sep 17 00:00:00 2001 From: Arunav Gandhi Date: Wed, 1 Jul 2026 11:15:19 +0530 Subject: [PATCH 6/7] Test commit to test out whether SCA is working or not. --- .github/workflows/sca_scan.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml index 6a468c2..2642090 100644 --- a/.github/workflows/sca_scan.yml +++ b/.github/workflows/sca_scan.yml @@ -3,6 +3,8 @@ name: SCA on: push: branches: ["master", "main", "**"] + pull_request: + branches: ["master", "main","**"] jobs: snyk-cli: From 709032c5a528ec2c095a3070a70cfbf87c5f575b Mon Sep 17 00:00:00 2001 From: Arunav Gandhi Date: Wed, 1 Jul 2026 11:52:18 +0530 Subject: [PATCH 7/7] Reverted back to the original --- .github/workflows/sca_scan.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml index 2642090..a122799 100644 --- a/.github/workflows/sca_scan.yml +++ b/.github/workflows/sca_scan.yml @@ -2,9 +2,7 @@ name: SCA on: push: - branches: ["master", "main", "**"] - pull_request: - branches: ["master", "main","**"] + branches: [ "master", "main", "**" ] jobs: snyk-cli: