From 32dada1a503d5a64c26a49a9ab84cedfbbde8611 Mon Sep 17 00:00:00 2001
From: Aravind Kumar
Date: Wed, 23 Apr 2025 21:37:29 +0530
Subject: [PATCH 1/7] policy-scan.yml
---
 .github/workflows/policy-scan.yml | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/policy-scan.yml b/.github/workflows/policy-scan.yml
index 7d635fc9..ff259231 100644
--- a/.github/workflows/policy-scan.yml
+++ b/.github/workflows/policy-scan.yml
@@ -24,4 +24,23 @@ jobs:
 - uses: actions/checkout@master
 - name: Checks for License file
 run: |
- if ! [[ -f "LICENSE" || -f "License.txt" || -f "LICENSE.md" || -f "LICENSE.txt" ]]; then exit 1; fi
+ expected_license_files=("LICENSE" "LICENSE.txt" "LICENSE.md" "License.txt")
+ license_file_found=false
+ current_year=$(date +"%Y")
+
+ for license_file in "${expected_license_files[@]}"; do
+ if [ -f "$license_file" ]; then
+ license_file_found=true
+ # check the license file for the current year, if not exists, exit with error
+ if ! grep -q "$current_year" "$license_file"; then
+ echo "License file $license_file does not contain the current year."
+ exit 2
+ fi
+ break
+ fi
+ done
+
+ if [ "$license_file_found" = false ]; then
+ echo "No license file found. Please add a license file to the repository."
+ exit 1
+ fi
\ No newline at end of file
From 70439a3c6ed57539b45d439c570d58da0094f6f4 Mon Sep 17 00:00:00 2001
From: Aravind Kumar
Date: Mon, 5 May 2025 22:03:13 +0530
Subject: [PATCH 2/7] policy-scan.yml
From cd8e90c4f70c601dde4e74d5b12ad9053af7c7de Mon Sep 17 00:00:00 2001
From: Aravind Kumar
Date: Mon, 5 May 2025 22:03:20 +0530
Subject: [PATCH 3/7] issues-jira.yml
From e5c6dc6441e3b24ea7446fce0c742ce60da1079a Mon Sep 17 00:00:00 2001
From: Aravind Kumar
Date: Mon, 5 May 2025 22:03:21 +0530
Subject: [PATCH 4/7] secrets-scan.yml
---
 .github/workflows/secrets-scan.yml | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 .github/workflows/secrets-scan.yml
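Review bot: `grep -q "$current_year" "$license_file"` matches the four digits anywhere in the file, so a year embedded in a longer number or a URL satisfies the check, and from 1 January every pull request fails with `exit 2` until someone edits the license. If the intent is a copyright-year check, match the year as a whole word, e.g. `grep -qw -- "$current_year" "$license_file"`, and decide whether a stale year should warn rather than block merges. The loop stops at the first license file it finds, so a second one is never inspected. Separately, the unchanged context line `- uses: actions/checkout@master` tracks a mutable branch; pinning it to a release tag or commit SHA would be safer for a policy workflow. The job definition starts above this hunk.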
diff --git a/.github/workflows/secrets-scan.yml b/.github/workflows/secrets-scan.yml
new file mode 100644
index 00000000..049c02f4
--- /dev/null
+++ b/.github/workflows/secrets-scan.yml
@@ -0,0 +1,29 @@
+name: Secrets Scan
+on:
+ pull_request:
+ types: [opened, synchronize, reopened]
+jobs:
+ security-secrets:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: '2'
+ ref: '${{ github.event.pull_request.head.ref }}'
+ - run: |
+ git reset --soft HEAD~1
+ - name: Install Talisman
+ run: |
+ # Download Talisman
+ wget https://github.com/thoughtworks/talisman/releases/download/v1.37.0/talisman_linux_amd64 -O talisman
+
+ # Checksum verification
+ checksum=$(sha256sum ./talisman | awk '{print $1}')
+ if [ "$checksum" != "8e0ae8bb7b160bf10c4fa1448beb04a32a35e63505b3dddff74a092bccaaa7e4" ]; then exit 1; fi
+
+ # Make it executable
+ chmod +x talisman
+ - name: Run talisman
+ run: |
+ # Run Talisman with the pre-commit hook
+ ./talisman --githook pre-commit
\ No newline at end of file
From 78a428143202545dbcbf73c9abfca732ab51e269 Mon Sep 17 00:00:00 2001
From: Aravind Kumar
Date: Mon, 5 May 2025 22:03:26 +0530
Subject: [PATCH 5/7] Updated codeowners
From d5cf3df03c953ec9b8b129cf80b91b0f093bc1e8 Mon Sep 17 00:00:00 2001
From: Aravind Kumar
Date: Mon, 5 May 2025 23:32:59 +0530
Subject: [PATCH 6/7] talismanrc file updated
---
 .talismanrc | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/.talismanrc b/.talismanrc
index c89690f5..9e52566d 100644
--- a/.talismanrc
+++ b/.talismanrc
@@ -1,4 +1,7 @@
 fileignoreconfig:
+- filename: .github/workflows/secrets-scan.yml
+ ignore_detectors:
+ - filecontent
 - filename: package-lock.json
 checksum: 28f8e6d0e7856b4a568fd260dcc4deb531bcdbebbbff956b008ce7dd26a0475d
 - filename: test/typescript/taxonomy.test.ts
From 6157f31e972e30d051afda63092d72136ad1e67a Mon Sep 17 00:00:00 2001
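Review bot: With `ref: '${{ github.event.pull_request.head.ref }}'` the checkout is the PR branch tip, so `git reset --soft HEAD~1` stages only the last commit, and a secret added in an earlier commit of a multi-commit pull request is never seen by the pre-commit hook. Dropping the `ref:` line lets `actions/checkout` use the default pull-request merge commit, whose first parent is the base branch, so the same `HEAD~1` reset stages the whole PR diff. It also avoids resolving a fork's branch name against the base repository. The job has no `permissions:` block; adding `permissions:` with `contents: read` at job level would keep the token minimal for a job that executes a downloaded binary.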
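Review bot: `ignore_detectors:` with `- filecontent` turns off content scanning for `.github/workflows/secrets-scan.yml` permanently, including for any later edit that pastes a real token into that workflow. A `checksum:` entry is narrower because it stops suppressing as soon as the file changes. PATCH 7/7 in this series adds such an entry for the same filename; if this block is still present at that point the file would carry two entries for one path, so it is worth confirming and keeping only the checksum one.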
From: "harshitha.d"
Date: Fri, 4 Jul 2025 16:02:04 +0530
Subject: [PATCH 7/7] update talismanrc
---
 .talismanrc | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/.talismanrc b/.talismanrc
index e09434dc..97cb474f 100644
--- a/.talismanrc
+++ b/.talismanrc
@@ -3,4 +3,6 @@ fileignoreconfig:
 checksum: 22c6a7fe4027d6b2c9adf0cbeb9c525ab79b15210b07ec5189693992e6800a66
 - filename: test/typescript/stack.test.ts
 checksum: 50b764c0ca6f6f27d7306a4e54327bef9b178e8436c6e3fad0d67d77343d10b3
+ - filename: .github/workflows/secrets-scan.yml
+ checksum: d79ec3f3288964f7d117b9ad319a54c0ebc152e35f69be8fde95522034fdfb2a
 version: ""