From 5cd7dcd4603386a75e84c4b1ab7886e9ed39134b Mon Sep 17 00:00:00 2001
From: Subhankar Maiti <subhankar.maiti@okta.com>
Date: Thu, 18 Dec 2025 00:31:12 +0530
Subject: [PATCH 1/6] fix: update SCA workflow to exclude example/android
 instead of README.md

---
 .github/workflows/sca_scan.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml
index c47b2307..26871f2e 100644
--- a/.github/workflows/sca_scan.yml
+++ b/.github/workflows/sca_scan.yml
@@ -8,5 +8,5 @@ jobs:
   snyk-cli:
     uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main
     with:
-      additional-arguments: '--exclude=README.md'
+      additional-arguments: '--exclude=example/android'
     secrets: inherit

From 867a565a91a0adadff3a4dd30217f9a471761986 Mon Sep 17 00:00:00 2001
From: Subhankar Maiti <subhankar.maiti@okta.com>
Date: Thu, 18 Dec 2025 10:38:07 +0530
Subject: [PATCH 2/6] fix: update SCA workflow to exclude example directory
 instead of example/android

---
 .github/workflows/sca_scan.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml
index 26871f2e..5f7cccdc 100644
--- a/.github/workflows/sca_scan.yml
+++ b/.github/workflows/sca_scan.yml
@@ -8,5 +8,5 @@ jobs:
   snyk-cli:
     uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main
     with:
-      additional-arguments: '--exclude=example/android'
+      additional-arguments: '--exclude=example'
     secrets: inherit

From 55064da30564ded57f70c35430283618ee3700ec Mon Sep 17 00:00:00 2001
From: Subhankar Maiti <subhankar.maiti@okta.com>
Date: Thu, 18 Dec 2025 11:51:17 +0530
Subject: [PATCH 3/6] fix: update SCA workflow to exclude android and set
 detection depth

---
 .github/workflows/sca_scan.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml
index 5f7cccdc..bdaa2a2b 100644
--- a/.github/workflows/sca_scan.yml
+++ b/.github/workflows/sca_scan.yml
@@ -8,5 +8,6 @@ jobs:
   snyk-cli:
     uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main
     with:
-      additional-arguments: '--exclude=example'
+      additional-arguments: '--exclude=example --exclude=android --detection-depth=3'
+      java-version: '17'
     secrets: inherit

From a9aeb31f09f69f9a1a91ccddf6bb8877d75cce24 Mon Sep 17 00:00:00 2001
From: Subhankar Maiti <subhankar.maiti@okta.com>
Date: Thu, 18 Dec 2025 12:04:51 +0530
Subject: [PATCH 4/6] fix: remove detection depth argument from SCA workflow

---
 .github/workflows/sca_scan.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml
index bdaa2a2b..eb896be6 100644
--- a/.github/workflows/sca_scan.yml
+++ b/.github/workflows/sca_scan.yml
@@ -8,6 +8,7 @@ jobs:
   snyk-cli:
     uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main
     with:
-      additional-arguments: '--exclude=example --exclude=android --detection-depth=3'
+      additional-arguments: '--exclude=example --exclude=android'
       java-version: '17'
+      node-version: '22'
     secrets: inherit

From 6d90c393062caa67bed6a4c3a5ad3afa8e8346b2 Mon Sep 17 00:00:00 2001
From: Subhankar Maiti <subhankar.maiti@okta.com>
Date: Thu, 18 Dec 2025 14:33:14 +0530
Subject: [PATCH 5/6] fix: add yarn-workspaces argument and pre-scan command to
 SCA workflow

---
 .github/workflows/sca_scan.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml
index eb896be6..51c38042 100644
--- a/.github/workflows/sca_scan.yml
+++ b/.github/workflows/sca_scan.yml
@@ -8,7 +8,8 @@ jobs:
   snyk-cli:
     uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main
     with:
-      additional-arguments: '--exclude=example --exclude=android'
+      additional-arguments: '--yarn-workspaces --exclude=example --exclude=android'
       java-version: '17'
       node-version: '22'
+      pre-scan-commands: yarn install
     secrets: inherit

From 79e94f468a5666edca7cdd1d8ad9000cd86d8fb2 Mon Sep 17 00:00:00 2001
From: Subhankar Maiti <subhankar.maiti@okta.com>
Date: Thu, 18 Dec 2025 14:37:04 +0530
Subject: [PATCH 6/6] fix: remove yarn-workspaces argument from SCA workflow

---
 .github/workflows/sca_scan.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml
index 51c38042..1868da08 100644
--- a/.github/workflows/sca_scan.yml
+++ b/.github/workflows/sca_scan.yml
@@ -8,7 +8,7 @@ jobs:
   snyk-cli:
     uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main
     with:
-      additional-arguments: '--yarn-workspaces --exclude=example --exclude=android'
+      additional-arguments: '--exclude=example --exclude=android'
       java-version: '17'
       node-version: '22'
       pre-scan-commands: yarn install