From dbc765e80c027ac11ab67fafc224309cd36a2450 Mon Sep 17 00:00:00 2001
From: Dylan
Date: Mon, 3 Nov 2025 12:52:07 -0500
Subject: [PATCH 1/2] Update fortify.yml

Update Action versions in fortify.yml
---
 .github/workflows/fortify.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/fortify.yml b/.github/workflows/fortify.yml
index 92f83fea..eb517c8c 100644
--- a/.github/workflows/fortify.yml
+++ b/.github/workflows/fortify.yml
@@ -32,18 +32,18 @@ jobs:
 steps:
 # Check out source code
 - name: Check Out Source Code
- uses: actions/checkout@v4
+ uses: actions/checkout@v5
 # Java is required to run the various Fortify utilities. Ensuring proper version is installed on the runner.
 - name: Setup Java
- uses: actions/setup-java@v4
+ uses: actions/setup-java@v5
 with:
 java-version: 17
 distribution: 'temurin'
 # Perform Fortify on Demand SAST + SCA scan and import SAST results into GitHub code scanning alerts
 - name: Run FoD SAST Scan
- uses: fortify/github-action@v1
+ uses: fortify/github-action@v2
 with:
 sast-scan: true
 debricked-sca-scan: true

From 01f72fa381c22fd7e79e28a6cb573c90a42f43e8 Mon Sep 17 00:00:00 2001
From: Dylan
Date: Wed, 18 Mar 2026 16:48:56 -0400
Subject: [PATCH 2/2] Upgrade Fortify GitHub Action and checkout version

Updated Fortify workflow to use newer action versions and added additional scan options.
---
 .github/workflows/fortify.yml | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/fortify.yml b/.github/workflows/fortify.yml
index eb517c8c..d7a97386 100644
--- a/.github/workflows/fortify.yml
+++ b/.github/workflows/fortify.yml
@@ -32,7 +32,7 @@ jobs:
 steps:
 # Check out source code
 - name: Check Out Source Code
- uses: actions/checkout@v5
+ uses: actions/checkout@v6
 # Java is required to run the various Fortify utilities. Ensuring proper version is installed on the runner.
 - name: Setup Java
@@ -42,19 +42,15 @@ jobs:
 distribution: 'temurin'
 # Perform Fortify on Demand SAST + SCA scan and import SAST results into GitHub code scanning alerts
- - name: Run FoD SAST Scan
- uses: fortify/github-action@v2
- with:
- sast-scan: true
- debricked-sca-scan: true
+ - name: Run FoD SAST+SCA Scan
+ uses: fortify/github-action@v3
 env:
 FOD_URL: https://ams.fortify.com
 FOD_TENANT: ${{secrets.FOD_TENANT}}
 FOD_USER: ${{secrets.FOD_USER}}
 FOD_PASSWORD: ${{secrets.FOD_PAT}}
- DO_EXPORT: true
- DO_SETUP: true
- SETUP_EXTRA_OPTS: --copy-from "${{ github.repository }}:${{ github.event.repository.default_branch }}"
- DO_JOB_SUMMARY: true
- DO_PR_COMMENT: true
+ DO_SCA_SCAN: true
+ DO_AVIATOR_AUDIT: true
+ COPY_FROM_RELEASE: "${{ github.repository }}:${{ github.event.repository.default_branch }}"
+ #DO_PR_COMMENT: true
 #DO_POLICY_CHECK: true
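Review bot: `uses: fortify/github-action@v3` is pinned to a mutable major-version tag, yet this same step is handed the FoD credentials via `FOD_TENANT`, `FOD_USER` and `FOD_PASSWORD`, so whoever can move or replace that tag changes what runs with those secrets without any change in this repo; the same applies to `actions/checkout@v6` in the previous hunk and the other `actions/*` steps in this workflow. Pin each action to a full commit SHA and keep the tag as a comment, e.g. `uses: fortify/github-action@<full-commit-sha>  # v3` (placeholder — take the SHA from the v3 release), and let Dependabot or Renovate handle bumps. Separately, `DO_EXPORT: true` is removed while the comment above the step still promises that SAST results are imported into GitHub code scanning alerts; if v3 does not export to code scanning by default, either restore the option or update the comment, and the same question applies to dropping `DO_SETUP: true` now that `COPY_FROM_RELEASE` replaces `SETUP_EXTRA_OPTS`. A minor style point: `${{secrets.FOD_TENANT}}` omits the spaces inside the braces that `${{ github.repository }}` uses in the same hunk.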