From b70108f0a37fb85055b618960a5a6bde7342f420 Mon Sep 17 00:00:00 2001
From: Prince Mathew
Date: Thu, 11 Dec 2025 10:08:07 +0530
Subject: [PATCH 1/7] chore:Added sca_scan to the GHA pipeline
---
.github/workflows/sca_scan.yml | 12 ++++++++++
.github/workflows/snyk.yml | 40 ----------------------------------
2 files changed, 12 insertions(+), 40 deletions(-)
create mode 100644 .github/workflows/sca_scan.yml
delete mode 100644 .github/workflows/snyk.yml
diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml
new file mode 100644
index 00000000..4cb28a70
--- /dev/null
+++ b/.github/workflows/sca_scan.yml
@@ -0,0 +1,12 @@
+name: SCA
+
+on:
+ push:
+ branches: ["master", "main", "**"]
+
+jobs:
+ snyk-cli:
+ uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main
+ with:
+ additional-arguments: "--exclude=README.md"
+ secrets: inherit
\ No newline at end of file
diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml
deleted file mode 100644
index 33831618..00000000
--- a/.github/workflows/snyk.yml
+++ /dev/null
@@ -1,40 +0,0 @@
-name: Snyk
-
-on:
- merge_group:
- workflow_dispatch:
- pull_request:
- types:
- - opened
- - synchronize
- push:
- branches:
- - main
- schedule:
- - cron: "30 0 1,15 * *"
-
-permissions:
- contents: read
-
-concurrency:
- group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
- cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
-
-jobs:
- check:
- name: Check for Vulnerabilities
- runs-on: ubuntu-latest
-
- steps:
- - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group'
- run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection.
-
- - uses: actions/checkout@v4
- with:
- ref: ${{ github.event.pull_request.head.sha || github.ref }}
-
- - run: npm install snyk -g
-
- - run: snyk test
- env:
- SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} 
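Review bot: In the new `.github/workflows/sca_scan.yml`, the `snyk-cli` job calls `auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main` with `secrets: inherit`, so a mutable branch ref receives every secret this repository can see. Pinning the reusable workflow to a full commit SHA (`...sca-scan.yml@<full-commit-sha> # pin@<tag>`, placeholders) and passing only the secrets that workflow declares would limit what a later change on that branch can reach. The file also has no `permissions:` block, whereas the removed `snyk.yml` set `permissions:` / `contents: read`; without one the job runs with the repository's default token scope, which the called workflow can narrow but not widen. The later sca_scan.yml hunk in [PATCH 4/7] leaves the `uses:` and `secrets: inherit` lines as they are.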
From a30d40a1f4dc3a46eb12805143e4a130f53b846e Mon Sep 17 00:00:00 2001 From: Prince Mathew Date: Mon, 15 Dec 2025 11:49:22 +0530 Subject: [PATCH 2/7] updating dependabot check to monthly instead od daily --- .github/dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 6778b049..bc63aca3 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -3,4 +3,4 @@ updates: - package-ecosystem: 'github-actions' directory: '/' schedule: - interval: 'daily' + interval: 'monthly' From 57b09cce95efd8a7b70ea4acbff3a7fd94f6412f Mon Sep 17 00:00:00 2001 From: Prince Mathew Date: Mon, 15 Dec 2025 16:14:18 +0530 Subject: [PATCH 3/7] Making dependabot PRs weekly --- .github/dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index bc63aca3..b18fd293 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -3,4 +3,4 @@ updates: - package-ecosystem: 'github-actions' directory: '/' schedule: - interval: 'monthly' + interval: 'weekly' From ca4bb11bc3f85747b28674f906fa462fceb2ca11 Mon Sep 17 00:00:00 2001 From: Prince Mathew Date: Thu, 18 Dec 2025 16:45:58 +0530 Subject: [PATCH 4/7] Updating java version to 11 --- .github/actions/setup/action.yml | 2 +- .github/workflows/sca_scan.yml | 4 +--- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml index 98e09c7c..0712d4e9 100644 --- a/.github/actions/setup/action.yml +++ b/.github/actions/setup/action.yml @@ -5,7 +5,7 @@ inputs: java: description: The Java version to use required: false - default: 8.0.382-tem + default: 11.0.29-tem gradle: description: The Gradle version to use required: false diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml index 4cb28a70..f099855b 100644 --- a/.github/workflows/sca_scan.yml +++ b/.github/workflows/sca_scan.yml 
@@ -2,11 +2,9 @@ name: SCA on: push: - branches: ["master", "main", "**"] + branches: ["master", "main"] jobs: snyk-cli: uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main - with: - additional-arguments: "--exclude=README.md" secrets: inherit \ No newline at end of file From c557f1836b8df303f9a6440ac6ce09b6452fb8ed Mon Sep 17 00:00:00 2001 From: Prince Mathew Date: Thu, 18 Dec 2025 16:58:12 +0530 Subject: [PATCH 5/7] Fixed lint error --- .../main/java/com/auth0/android/lock/views/LogInFormView.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/src/main/java/com/auth0/android/lock/views/LogInFormView.java b/lib/src/main/java/com/auth0/android/lock/views/LogInFormView.java index 14605d12..c0f3a79d 100644 --- a/lib/src/main/java/com/auth0/android/lock/views/LogInFormView.java +++ b/lib/src/main/java/com/auth0/android/lock/views/LogInFormView.java @@ -211,7 +211,7 @@ public Object submitForm() { corporateSSO = true; usernameInput.clearFocus(); InputMethodManager imm = (InputMethodManager) getContext().getSystemService(Context.INPUT_METHOD_SERVICE); - imm.hideSoftInputFromWindow(getWindowToken(), InputMethodManager.RESULT_UNCHANGED_SHOWN); + imm.hideSoftInputFromWindow(getWindowToken(), 0); return null; } From e24e7f141100c504a765cd9f8db8462579b409cb Mon Sep 17 00:00:00 2001 From: Prince Mathew Date: Thu, 18 Dec 2025 18:13:59 +0530 Subject: [PATCH 6/7] Using setup-java@v4 instead of SDKMAN --- .github/actions/setup/action.yml | 30 +++++++++++------------------- 1 file changed, 11 insertions(+), 19 deletions(-) diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml index 0712d4e9..443b57d1 100644 --- a/.github/actions/setup/action.yml +++ b/.github/actions/setup/action.yml 
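Review bot: With `branches: ["master", "main"]` and `push` as the only event in `sca_scan.yml`, the SCA job runs only after a change has already landed on the default branch, so a pull request that introduces a vulnerable dependency is not scanned before merge. The removed `snyk.yml` also ran on `pull_request`, `merge_group`, `workflow_dispatch` and a twice-monthly `schedule`; without a schedule, advisories published against unchanged dependencies surface only at the next push. Consider adding `pull_request:` and a `schedule:` entry under `on:`. Secrets are not made available to runs triggered from forks, so the called workflow would presumably need to tolerate a missing token there.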
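Review bot: The bare `0` now passed as the flags argument to `hideSoftInputFromWindow` in `submitForm()` reads as a magic number; a short comment such as `// 0 = no hide flags (neither HIDE_IMPLICIT_ONLY nor HIDE_NOT_ALWAYS)` would record why the named constant was dropped. `RESULT_UNCHANGED_SHOWN` is a result code rather than a hide flag and, as far as I know, has the value 0 in the Android SDK, so runtime behaviour should be unchanged. `submitForm()` starts and ends outside this hunk.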
@@ -5,30 +5,22 @@ inputs: java: description: The Java version to use required: false - default: 11.0.29-tem - gradle: - description: The Gradle version to use - required: false - default: 6.7.1 - kotlin: - description: The Kotlin version to use - required: false - default: 1.6.21 + default: '11' runs: using: composite steps: - - run: | - curl -s "https://get.sdkman.io" | bash - source "/home/runner/.sdkman/bin/sdkman-init.sh" - sdk list java - sdk install java ${{ inputs.java }} && sdk default java ${{ inputs.java }} - sdk install gradle ${{ inputs.gradle }} && sdk default gradle ${{ inputs.gradle }} - sdk install kotlin ${{ inputs.kotlin }} && sdk default kotlin ${{ inputs.kotlin }} - shell: bash + - name: Set up JDK + uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # pin@4.8.0 + with: + java-version: ${{ inputs.java }} + distribution: 'temurin' + + - uses: gradle/wrapper-validation-action@56b90f209b02bf6d1deae490e9ef18b21a389cd4 # pin@1.1.0 + + - name: Setup Gradle + uses: gradle/actions/setup-gradle@748248ddd2a24f49513d8f472f81c3a07d4d50e1 # pin@4.4.4 - run: ./gradlew androidDependencies shell: bash - - - uses: gradle/wrapper-validation-action@56b90f209b02bf6d1deae490e9ef18b21a389cd4 # pin@1.1.0 From c35059211a4931180c4db27d9bf36ccf942aedd3 Mon Sep 17 00:00:00 2001 From: Prince Mathew Date: Fri, 19 Dec 2025 11:26:16 +0530 Subject: [PATCH 7/7] Updated the code owner file --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 60f116c0..7958e8bd 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -* @auth0/dx-sdks-engineer +* @auth0/project-dx-sdks-engineer-codeowner
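Review bot: In `.github/actions/setup/action.yml`, the `gradle/wrapper-validation-action` step stays on its old `# pin@1.1.0` commit while the `gradle/actions/setup-gradle` step added directly after it is pinned at 4.4.4. As far as I know, the standalone action has been superseded by `gradle/actions/wrapper-validation`, and setup-gradle v4 validates wrapper JARs itself by default. Either drop the old step or switch it to `gradle/actions/wrapper-validation@748248ddd2a24f49513d8f472f81c3a07d4d50e1 # pin@4.4.4` so both Gradle steps track one pinned release. The `# pin@…` comments cannot be checked against the SHAs from the diff alone, so it is worth confirming each resolves to the tagged release. Separately, the `gradle` and `kotlin` inputs are removed, so values from any caller still passing them are ignored; callers are outside this diff.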