From 0a2b984294e40c55fe2abd0185f807f8668dff37 Mon Sep 17 00:00:00 2001
From: Aravind Kumar <aravind.kumar@contentstack.com>
Date: Wed, 16 Apr 2025 10:52:15 +0530
Subject: [PATCH 1/6] policy-scan.yml

---
 .github/workflows/policy-scan.yml | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 .github/workflows/policy-scan.yml

diff --git a/.github/workflows/policy-scan.yml b/.github/workflows/policy-scan.yml
new file mode 100644
index 00000000..13bd3623
--- /dev/null
+++ b/.github/workflows/policy-scan.yml
@@ -0,0 +1,27 @@
+name: Checks the security policy and configurations
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security-policy:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for SECURITY.md policy file
+        run: |
+          if ! [[ -f "SECURITY.md" || -f ".github/SECURITY.md" ]]; then exit 1; fi
+  security-license:
+    if: github.event.repository.visibility == 'public'
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - uses: actions/checkout@master
+      - name: Checks for License file
+        run: |
+          if ! [[ -f "LICENSE" || -f "License.txt" || -f "LICENSE.md" ]]; then exit 1; fi
\ No newline at end of file

From 735778e067c3774d71748b13076079ad5983ff83 Mon Sep 17 00:00:00 2001
From: Aravind Kumar <aravind.kumar@contentstack.com>
Date: Wed, 16 Apr 2025 10:52:24 +0530
Subject: [PATCH 2/6] issues-jira.yml

---
 .github/workflows/issues-jira.yml | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 .github/workflows/issues-jira.yml

diff --git a/.github/workflows/issues-jira.yml b/.github/workflows/issues-jira.yml
new file mode 100644
index 00000000..7bf04694
--- /dev/null
+++ b/.github/workflows/issues-jira.yml
@@ -0,0 +1,31 @@
+name: Create Jira Ticket for Github Issue
+
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  issue-jira:
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Login to Jira
+        uses: atlassian/gajira-login@master
+        env:
+          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
+          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
+          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
+
+      - name: Create Jira Issue
+        id: create_jira
+        uses: atlassian/gajira-create@master
+        with:
+          project: ${{ secrets.JIRA_PROJECT }}
+          issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
+          summary: Github | Issue | ${{ github.event.repository.name }} | ${{ github.event.issue.title }}
+          description: |
+            *GitHub Issue:* ${{ github.event.issue.html_url }}
+            
+            *Description:*
+            ${{ github.event.issue.body }}
+          fields: "${{ secrets.ISSUES_JIRA_FIELDS }}"
\ No newline at end of file

From 04af9309e3352a6170cd6ad75e5425e16bd7ba98 Mon Sep 17 00:00:00 2001
From: Aravind Kumar <aravind.kumar@contentstack.com>
Date: Wed, 16 Apr 2025 10:52:25 +0530
Subject: [PATCH 3/6] Delete jira.yml

---
 .github/workflows/jira.yml | 33 ---------------------------------
 1 file changed, 33 deletions(-)
 delete mode 100644 .github/workflows/jira.yml

diff --git a/.github/workflows/jira.yml b/.github/workflows/jira.yml
deleted file mode 100644
index 250abc76..00000000
--- a/.github/workflows/jira.yml
+++ /dev/null
@@ -1,33 +0,0 @@
-name: Create JIRA ISSUE
-on:
-  pull_request:
-    types: [opened]
-jobs:
-  security-jira:
-    if: ${{ github.actor == 'dependabot[bot]' || github.actor == 'snyk-bot' || contains(github.event.pull_request.head.ref, 'snyk-fix-')  || contains(github.event.pull_request.head.ref, 'snyk-upgrade-')}}
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Login into JIRA
-        uses: atlassian/gajira-login@master
-        env:
-          JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
-          JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
-          JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
-      - name: Create a JIRA Issue
-        id: create
-        uses: atlassian/gajira-create@master
-        with:
-          project: ${{ secrets.JIRA_PROJECT }}
-          issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
-          summary: |
-            Snyk | Vulnerability | ${{ github.event.repository.name }} | ${{ github.event.pull_request.title }}
-          description: |
-            PR: ${{ github.event.pull_request.html_url }}
-
-          fields: "${{ secrets.JIRA_FIELDS }}"
-      - name: Transition issue
-        uses: atlassian/gajira-transition@v3
-        with:
-          issue: ${{ steps.create.outputs.issue }}
-          transition: ${{ secrets.JIRA_TRANSITION }}

From 64f861b60f11de5ff35c5df0b8879f3cc2a80d66 Mon Sep 17 00:00:00 2001
From: Aravind Kumar <aravind.kumar@contentstack.com>
Date: Wed, 16 Apr 2025 10:52:26 +0530
Subject: [PATCH 4/6] Delete sast-scan.yml

---
 .github/workflows/sast-scan.yml | 11 -----------
 1 file changed, 11 deletions(-)
 delete mode 100644 .github/workflows/sast-scan.yml

diff --git a/.github/workflows/sast-scan.yml b/.github/workflows/sast-scan.yml
deleted file mode 100644
index 3b9521a5..00000000
--- a/.github/workflows/sast-scan.yml
+++ /dev/null
@@ -1,11 +0,0 @@
-name: SAST Scan
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-jobs:
-  security-sast:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Semgrep Scan
-        run: docker run -v /var/run/docker.sock:/var/run/docker.sock -v "${PWD}:/src" returntocorp/semgrep semgrep scan --config auto
\ No newline at end of file

From 39daa5c376da1ef3fe746a9669b1263166ff1056 Mon Sep 17 00:00:00 2001
From: Aravind Kumar <aravind.kumar@contentstack.com>
Date: Wed, 16 Apr 2025 10:52:29 +0530
Subject: [PATCH 5/6] Updated codeowners


From c43164f45cfce8e0f45bbded8a8f01176b824e34 Mon Sep 17 00:00:00 2001
From: Aravind Kumar <aravind.kumar@contentstack.com>
Date: Wed, 23 Apr 2025 21:42:26 +0530
Subject: [PATCH 6/6] policy-scan.yml

---
 .github/workflows/policy-scan.yml | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/policy-scan.yml b/.github/workflows/policy-scan.yml
index 13bd3623..ff259231 100644
--- a/.github/workflows/policy-scan.yml
+++ b/.github/workflows/policy-scan.yml
@@ -24,4 +24,23 @@ jobs:
       - uses: actions/checkout@master
       - name: Checks for License file
         run: |
-          if ! [[ -f "LICENSE" || -f "License.txt" || -f "LICENSE.md" ]]; then exit 1; fi
\ No newline at end of file
+          expected_license_files=("LICENSE" "LICENSE.txt" "LICENSE.md" "License.txt")
+          license_file_found=false
+          current_year=$(date +"%Y")
+
+          for license_file in "${expected_license_files[@]}"; do
+              if  [ -f "$license_file" ]; then
+                 license_file_found=true
+                 # check the license file for the current year, if not exists, exit with error
+                  if  ! grep -q "$current_year" "$license_file"; then
+                      echo "License file $license_file does not contain the current year."
+                      exit 2
+                  fi
+                  break
+              fi        
+          done
+
+          if [ "$license_file_found" = false ]; then
+              echo "No license file found. Please add a license file to the repository."
+              exit 1
+          fi
\ No newline at end of file