From d8a3ab33a5c8854cbc2595bd3a07986592326ffe Mon Sep 17 00:00:00 2001
From: "harshitha.d" <harshitha.d@contentstack.com>
Date: Mon, 27 Oct 2025 17:52:30 +0530
Subject: [PATCH 1/7] chore: update codeowners and remove secrets scan workflow

---
 .github/workflows/secrets-scan.yml | 29 -----------------------------
 CODEOWNERS                         | 12 +++++++++++-
 2 files changed, 11 insertions(+), 30 deletions(-)
 delete mode 100644 .github/workflows/secrets-scan.yml

diff --git a/.github/workflows/secrets-scan.yml b/.github/workflows/secrets-scan.yml
deleted file mode 100644
index f9db69f..0000000
--- a/.github/workflows/secrets-scan.yml
+++ /dev/null
@@ -1,29 +0,0 @@
-name: Secrets Scan
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-jobs:
-  security-secrets:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: '2'
-          ref: '${{ github.event.pull_request.head.ref }}'
-      - run: |
-          git reset --soft HEAD~1
-      - name: Install Talisman
-        run: |
-          # Download Talisman
-          wget https://github.com/thoughtworks/talisman/releases/download/v1.37.0/talisman_linux_amd64 -O talisman
-
-          # Checksum verification
-          checksum=$(sha256sum ./talisman | awk '{print $1}')
-          if [ "$checksum" != "8e0ae8bb7b160bf10c4fa1448beb04a32a35e63505b3dddff74a092bccaaa7e4" ]; then exit 1; fi  
-
-          # Make it executable
-          chmod +x talisman
-      - name: Run talisman
-        run: |
-          # Run Talisman with the pre-commit hook
-          ./talisman --githook pre-commit
\ No newline at end of file
diff --git a/CODEOWNERS b/CODEOWNERS
index 0773923..4beb650 100644
--- a/CODEOWNERS
+++ b/CODEOWNERS
@@ -1 +1,11 @@
-* @contentstack/security-admin
\ No newline at end of file
+* @contentstack/devex-pr-reviewers
+
+.github/workflows/sca-scan.yml @contentstack/security-admin
+
+.github/workflows/codeql-anaylsis.yml @contentstack/security-admin
+
+**/.snyk @contentstack/security-admin
+
+.github/workflows/policy-scan.yml @contentstack/security-admin
+
+.github/workflows/issues-jira.yml @contentstack/security-admin
\ No newline at end of file

From 2793b3288e60e5a1b821964a96c8c1c5488d997f Mon Sep 17 00:00:00 2001
From: Nadeem Patwekar <nadeem.patwekar@contentstack.com>
Date: Tue, 4 Nov 2025 15:35:17 +0530
Subject: [PATCH 2/7] feat: add workflow step to download regions.json file

---
 .github/workflows/ci.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 41be136..7cd3171 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -19,6 +19,14 @@ jobs:
           with:
             node-version: '22.x'
         - run: npm ci
+        - name: Download regions.json
+          run: |
+            mkdir -p dist/lib
+            npm run download-regions
+            if [ ! -f dist/lib/regions.json ]; then
+              echo "Error: regions.json was not downloaded successfully"
+              exit 1
+            fi
         - uses: ArtiomTr/jest-coverage-report-action@v2
           id: coverage-utils-js
           continue-on-error: true

From cf6c1472f8840984e5efd063abcfe300fb37d80d Mon Sep 17 00:00:00 2001
From: Nadeem Patwekar <nadeem.patwekar@contentstack.com>
Date: Tue, 4 Nov 2025 15:42:54 +0530
Subject: [PATCH 3/7] fix: use script from package.json to run in workflow
 action

---
 .github/workflows/ci.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 7cd3171..ac573fd 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -32,6 +32,7 @@ jobs:
           continue-on-error: true
           with:
             output: comment, report-markdown
+            test-script: npm test
         - uses: marocchino/sticky-pull-request-comment@v2
           continue-on-error: true
           if: steps.coverage-utils-js.outputs.report != ''

From e9794058b23cf9e178fef040610325997e7680ae Mon Sep 17 00:00:00 2001
From: Nadeem Patwekar <nadeem.patwekar@contentstack.com>
Date: Wed, 5 Nov 2025 12:00:04 +0530
Subject: [PATCH 4/7] chore: add verbose flag to download region script

---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index c40cdcc..00a7490 100644
--- a/package.json
+++ b/package.json
@@ -25,7 +25,7 @@
     "test:badges": "npm run clear:badges && npm run test && jest-coverage-badges --input ./reports/coverage/coverage-summary.json --output ./badges",
     "test:debug": "jest --watchAll --runInBand",
     "prebuild": "rimraf dist && mkdir -p dist/lib && npm run download-regions",
-    "download-regions": "curl -s --max-time 30 --fail https://artifacts.contentstack.com/regions.json -o dist/lib/regions.json || echo 'Warning: Failed to download regions.json'",
+    "download-regions": "curl -v --max-time 30 --fail https://artifacts.contentstack.com/regions.json -o dist/lib/regions.json || echo 'Warning: Failed to download regions.json'",
     "build": "tsc && rollup -c",
     "format": "prettier --write \"src/**/*.ts\"",
     "prepare": "husky install && npm run build",

From 1dd575af0adedbd4ea370e3eaf8a480e45106eba Mon Sep 17 00:00:00 2001
From: Nadeem Patwekar <nadeem.patwekar@contentstack.com>
Date: Wed, 5 Nov 2025 17:44:31 +0530
Subject: [PATCH 5/7] chore: add debugging steps to CI workflow and update test
 command in package.json

---
 .github/workflows/ci.yml | 18 +++++++++++++++++-
 .talismanrc              |  2 ++
 package.json             |  2 +-
 3 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index ac573fd..84731e0 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -15,18 +15,34 @@ jobs:
       checks: write
     steps:
         - uses: actions/checkout@v3
+        - name: Check working directory after checkout
+          run: pwd
         - uses: actions/setup-node@v4
           with:
             node-version: '22.x'
-        - run: npm ci
+        - name: Check working directory after setup-node
+          run: pwd
+        - name: Install dependencies
+          run: |
+            pwd
+            npm ci
         - name: Download regions.json
           run: |
+            pwd
+            ls -la
             mkdir -p dist/lib
+            pwd
             npm run download-regions
+            pwd
+            ls -la dist/lib/ || echo "dist/lib does not exist"
             if [ ! -f dist/lib/regions.json ]; then
               echo "Error: regions.json was not downloaded successfully"
               exit 1
             fi
+        - name: Check working directory before tests
+          run: |
+            pwd
+            ls -la
         - uses: ArtiomTr/jest-coverage-report-action@v2
           id: coverage-utils-js
           continue-on-error: true
diff --git a/.talismanrc b/.talismanrc
index 684d117..d282969 100644
--- a/.talismanrc
+++ b/.talismanrc
@@ -10,3 +10,5 @@ fileignoreconfig:
   checksum: 5baabd7d2c391648163f9371f0e5e9484f8fb90fa2284cfc378732ec3192c193
 - filename: src/endpoints.ts
   checksum: 721a1df93b02d04c1c19a76c171fe2748e4abb1fc3e43452e76fecfd8f384751
+- filename: package.json
+  checksum: 033eb21070795be5b426183f52d784347110fcb724bc9f8d63f94898ac5f0086
\ No newline at end of file
diff --git a/package.json b/package.json
index 00a7490..f747970 100644
--- a/package.json
+++ b/package.json
@@ -21,7 +21,7 @@
     "clear:reports": "rm -rf reports",
     "clear:badges": "rm -rf badges",
     "pretest": "npm run build",
-    "test": "npm run clear:reports && jest --ci --json --coverage --testLocationInResults --outputFile=./reports/report.json",
+    "test": "npm run clear:reports && pwd && jest --ci --json --coverage --testLocationInResults --outputFile=./reports/report.json",
     "test:badges": "npm run clear:badges && npm run test && jest-coverage-badges --input ./reports/coverage/coverage-summary.json --output ./badges",
     "test:debug": "jest --watchAll --runInBand",
     "prebuild": "rimraf dist && mkdir -p dist/lib && npm run download-regions",

From 808e718d578f376e9c084c99f591655a57eb43fc Mon Sep 17 00:00:00 2001
From: Nadeem Patwekar <nadeem.patwekar@contentstack.com>
Date: Wed, 5 Nov 2025 18:07:25 +0530
Subject: [PATCH 6/7] chore: add skip-step option to CI workflow for improved
 control over test execution

---
 .github/workflows/ci.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 84731e0..c0feb2f 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -49,6 +49,7 @@ jobs:
           with:
             output: comment, report-markdown
             test-script: npm test
+            skip-step: head
         - uses: marocchino/sticky-pull-request-comment@v2
           continue-on-error: true
           if: steps.coverage-utils-js.outputs.report != ''

From 37fb8330629f310cf682e6435238ab20d6c00eea Mon Sep 17 00:00:00 2001
From: Nadeem Patwekar <nadeem.patwekar@contentstack.com>
Date: Thu, 6 Nov 2025 00:36:26 +0530
Subject: [PATCH 7/7] fix: update ci.yml

---
 .github/workflows/ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index c0feb2f..24e4336 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -49,7 +49,7 @@ jobs:
           with:
             output: comment, report-markdown
             test-script: npm test
-            skip-step: head
+            skip-step: install
         - uses: marocchino/sticky-pull-request-comment@v2
           continue-on-error: true
           if: steps.coverage-utils-js.outputs.report != ''