From 812decf4cb08d62ff7e8e521f90bbd17221979e2 Mon Sep 17 00:00:00 2001
From: WingZer0o
Date: Sun, 22 Mar 2026 08:32:57 -0400
Subject: [PATCH 1/3] testing owasp dc
---
 .github/workflows/dependency-scan.yml | 97 +++++++++++++--------------
 1 file changed, 46 insertions(+), 51 deletions(-)
diff --git a/.github/workflows/dependency-scan.yml b/.github/workflows/dependency-scan.yml
index abf4dca..50efd3b 100644
--- a/.github/workflows/dependency-scan.yml
+++ b/.github/workflows/dependency-scan.yml
@@ -1,59 +1,54 @@ -name: Dependency Scan +name: OWASP Dependency Check on: - pull_request: - branches: [ "main" ] push: - branches: [ "main" ] - workflow_dispatch: - -env: - CARGO_TERM_COLOR: always + branches: [ main ] + pull_request: + branches: [ main ] jobs: - depscan: + build-and-scan: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - - - name: Set up Rust - uses: dtolnay/rust-toolchain@stable - - - name: Generate lockfile when missing - run: | - if [ ! -f Cargo.lock ]; then - cargo generate-lockfile - fi - - - name: Set up Node.js - uses: actions/setup-node@v4 - with: - node-version: "20" - - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: "3.11" - - - name: Install OWASP scanning tools - run: | - npm install -g @cyclonedx/cdxgen - python -m pip install --upgrade pip - pip install owasp-depscan - - - name: Create reports directory - run: mkdir -p reports - - - name: Generate CycloneDX SBOM - run: cdxgen -t rust -o reports/sbom.json . - - - name: Run OWASP dep-scan - run: depscan --bom reports/sbom.json --reports-dir reports - - - name: Upload dependency scan reports - uses: actions/upload-artifact@v4 - if: always() - with: - name: dependency-scan-reports - path: reports/ + - name: Checkout + uses: actions/checkout@v4 + with: + submodules: recursive + + - name: Setup Rust + uses: actions-rs/toolchain@v1 + with: + toolchain: stable + profile: minimal + override: true + + - name: Restore + run: cargo fetch + + - name: Build + run: cargo build --release --locked + + - name: Cache Dependency-Check data + uses: actions/cache@v4 + with: + path: ~/.dependency-check + key: dependency-check-${{ runner.os }} + restore-keys: | + dependency-check- + + - name: OWASP Dependency Check + uses: dependency-check/Dependency-Check_Action@main + with: + project: cas-lib + path: . 
+ format: HTML + out: dependency-check-report + args: > + --enableRetired + + - name: Upload Dependency Check Report + uses: actions/upload-artifact@v4 + with: + name: dependency-check-report + path: dependency-check-report From c3af3eb51a618db7247e7bc488e3e1cd440aa1d0 Mon Sep 17 00:00:00 2001 From: Mike Mulchrone Date: Sun, 22 Mar 2026 09:16:08 -0400 Subject: [PATCH 2/3] testing owasp --- .github/workflows/dependency-scan.yml | 82 +++++++++++++++------------ 1 file changed, 45 insertions(+), 37 deletions(-) diff --git a/.github/workflows/dependency-scan.yml b/.github/workflows/dependency-scan.yml index 50efd3b..5ea21e3 100644 --- a/.github/workflows/dependency-scan.yml +++ b/.github/workflows/dependency-scan.yml 
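Review bot: The new workflow declares no top-level `permissions:` block, so the job runs with whatever default `GITHUB_TOKEN` grant the repository is configured with even though these steps only need to read the checkout; add `permissions:` with `contents: read` beneath it above `jobs:` (the rewritten workflow in patch 2 keeps no such block either, so the same applies there). The scanner step `uses: dependency-check/Dependency-Check_Action@main` also tracks a mutable branch, so the code that runs in this job can change without any change in this repository; pin it to a release tag or, better, a full commit SHA, as should the other floating `@v4`/`@v1` references. The upload step has no `if: always()`, so a run in which Dependency Check exits non-zero on findings leaves no report artifact behind. This version is replaced wholesale by patch 2, so the last two points matter only if it is reinstated.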
@@ -1,54 +1,62 @@ -name: OWASP Dependency Check +name: Dependency Scan on: - push: - branches: [ main ] pull_request: - branches: [ main ] + branches: [ "main" ] + push: + branches: [ "main" ] + workflow_dispatch: + +env: + CARGO_TERM_COLOR: always jobs: - build-and-scan: + depscan: runs-on: ubuntu-latest steps: - - name: Checkout - uses: actions/checkout@v4 - with: - submodules: recursive + - uses: actions/checkout@v4 - - name: Setup Rust - uses: actions-rs/toolchain@v1 - with: - toolchain: stable - profile: minimal - override: true + - name: Set up Rust + uses: dtolnay/rust-toolchain@stable - - name: Restore - run: cargo fetch + - name: Build the project + run: cargo build --release --verbose - - name: Build - run: cargo build --release --locked + - name: Generate lockfile when missing + run: | + if [ ! -f Cargo.lock ]; then + cargo generate-lockfile + fi - - name: Cache Dependency-Check data - uses: actions/cache@v4 + - name: Set up Node.js + uses: actions/setup-node@v4 with: - path: ~/.dependency-check - key: dependency-check-${{ runner.os }} - restore-keys: | - dependency-check- + node-version: "24" - - name: OWASP Dependency Check - uses: dependency-check/Dependency-Check_Action@main + - name: Set up Python + uses: actions/setup-python@v5 with: - project: cas-lib - path: . - format: HTML - out: dependency-check-report - args: > - --enableRetired - - - name: Upload Dependency Check Report + python-version: "3.11" + + - name: Install OWASP scanning tools + run: | + npm install -g @cyclonedx/cdxgen + python -m pip install --upgrade pip + pip install owasp-depscan + + - name: Create reports directory + run: mkdir -p reports + + - name: Generate CycloneDX SBOM + run: cdxgen -t rust -o reports/sbom.json . 
+ + - name: Run OWASP dep-scan + run: depscan --bom reports/sbom.json --reports-dir reports + + - name: Upload dependency scan reports uses: actions/upload-artifact@v4 + if: always() with: - name: dependency-check-report - path: dependency-check-report + name: dependency-scan-reports + path: reports/ From b31acf606529d065bef18b273c36c09a88baa920 Mon Sep 17 00:00:00 2001 From: Mike Mulchrone Date: Sun, 22 Mar 2026 09:17:18 -0400 Subject: [PATCH 3/3] fixing --- .github/workflows/dependency-scan.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/dependency-scan.yml b/.github/workflows/dependency-scan.yml index 5ea21e3..9e8ebec 100644 --- a/.github/workflows/dependency-scan.yml +++ b/.github/workflows/dependency-scan.yml @@ -1,4 +1,4 @@ -name: Dependency Scan +name: OWASP Dependency Scan on: pull_request: @@ -20,15 +20,15 @@ jobs: - name: Set up Rust uses: dtolnay/rust-toolchain@stable - - name: Build the project - run: cargo build --release --verbose - - name: Generate lockfile when missing run: | if [ ! -f Cargo.lock ]; then cargo generate-lockfile fi + - name: Build the project + run: cargo build --release --verbose + - name: Set up Node.js uses: actions/setup-node@v4 with:
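Review bot: The `Install OWASP scanning tools` step pulls the scanners themselves unpinned, `npm install -g @cyclonedx/cdxgen` and `pip install owasp-depscan`, so each run executes whatever the registries serve as latest and a broken or tampered release silently changes what the scan reports; pin both, e.g. `npm install -g @cyclonedx/cdxgen@<pinned version>` and `pip install "owasp-depscan==<pinned version>"`, and bump them deliberately. The `Run OWASP dep-scan` step sets no explicit failure threshold, so whether findings fail the check depends on depscan's defaults; if this workflow is meant to gate merges, make the threshold explicit in the command and say so in a comment above the step, and if it is report-only, say that instead. The `permissions:` point raised on patch 1 applies unchanged here.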
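Review bot: The build step moved here runs `cargo build --release --verbose` without `--locked`, so when `Cargo.toml` has drifted from the committed `Cargo.lock`, cargo re-resolves and rewrites the lockfile on the runner, and the SBOM that `cdxgen -t rust` generates later (presumably from that lockfile) then describes versions nobody reviewed; `run: cargo build --release --verbose --locked` keeps the scan tied to the checked-in resolution, and the preceding step already guarantees a lockfile exists. A one-line comment above the step, `# must run after the lockfile step so --locked has a Cargo.lock to check against`, would keep the ordering this patch fixes from being undone in a later edit. The patch's first hunk is only a rename. The `jobs:` mapping continues outside this hunk.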