From dfade296c92e587da599b358913fe2f3d43b21dc Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 13 Oct 2025 07:59:40 +0000
Subject: [PATCH 1/2] Bump redis.clients:jedis from 6.2.0 to 7.0.0 in
 /SimpleAPI

Bumps [redis.clients:jedis](https://github.com/redis/jedis) from 6.2.0 to 7.0.0.
- [Release notes](https://github.com/redis/jedis/releases)
- [Commits](https://github.com/redis/jedis/compare/v6.2.0...v7.0.0)

---
updated-dependencies:
- dependency-name: redis.clients:jedis
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 SimpleAPI/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/SimpleAPI/pom.xml b/SimpleAPI/pom.xml
index 96cb133..7bd3f70 100644
--- a/SimpleAPI/pom.xml
+++ b/SimpleAPI/pom.xml
@@ -217,7 +217,7 @@
         <dependency>
             <groupId>redis.clients</groupId>
             <artifactId>jedis</artifactId>
-            <version>6.2.0</version>
+            <version>7.0.0</version>
         </dependency>
 	</dependencies>
 	<profiles>

From aa026b04c3156eebabbbc254318a400164f55bde Mon Sep 17 00:00:00 2001
From: Ben <benbergen12@gmail.com>
Date: Mon, 13 Oct 2025 08:05:08 -0600
Subject: [PATCH 2/2] Enhance Maven workflow with permissions

Added permissions for dependency submission and updated comments.
---
 .github/workflows/maven.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 39c858e..17b33ca 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -1,11 +1,6 @@
 # This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
 # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
 
-# This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by
-# separate terms of service, privacy policy, and support
-# documentation.
-
 name: Java CI with Maven
 
 on:
@@ -14,6 +9,9 @@ on:
   pull_request:
     branches: [ "main" ]
 
+permissions:
+  contents: write   # required for dependency submission
+
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -30,8 +28,10 @@ jobs:
       - name: Build with Maven
         run: mvn -B -f SimpleAPI/pom.xml package
 
+      # Only run dependency graph submission on push (not pull_request)
       - name: Submit Dependency Snapshot
+        if: github.event_name == 'push'
         uses: advanced-security/maven-dependency-submission-action@v5
         with:
-          directory: SimpleAPI   # <-- tell the action where pom.xml is
+          directory: SimpleAPI   # path to pom.xml
           # optional: maven-args: "-DskipTests"