From 63e965a9681b16217ef1c7d9d7c15483c848e115 Mon Sep 17 00:00:00 2001
From: robwlundy <83795676+robwlundy@users.noreply.github.com>
Date: Tue, 14 Dec 2021 17:05:52 -0500
Subject: [PATCH 1/6] Update pom.xml
---
pom.xml | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/pom.xml b/pom.xml
index eb17410c8..1cce22ff0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -31,6 +31,11 @@
jasypt
1.9.2
+
+ org.apache.logging.log4j
+ log4j-api
+ 2.14.0
+
com.github.ulisesbocchio
jasypt-spring-boot-starter
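Review bot: The new log4j-api dependency hard-codes `2.14.0` inline at L18, and the next patch in this series (L29–L38) has to hand-edit that same line to reach 2.16.0; a `<properties>` entry such as `<log4j.version>2.14.0</log4j.version>` referenced as `<version>${log4j.version}</version>` keeps this artifact and any log4j-core or bridge artifact added later on a single version, which is what matters when a log4j security release has to be picked up quickly. At this commit's date (L3) 2.14.0 had already been superseded by the December 2021 log4j security releases, so the series is right to bump it and this intermediate state should not be what lands on the main branch. The XML element tags appear stripped in this rendering, so the exact placement inside the dependencies block is inferred.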
From d463aa7f299f84d9a32c7864fef4791b77121c21 Mon Sep 17 00:00:00 2001
From: robwlundy <83795676+robwlundy@users.noreply.github.com>
Date: Thu, 16 Dec 2021 17:12:49 -0500
Subject: [PATCH 2/6] Update pom.xml
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 1cce22ff0..d42be2021 100644
--- a/pom.xml
+++ b/pom.xml
@@ -34,7 +34,7 @@
org.apache.logging.log4j
log4j-api
- 2.14.0
+ 2.16.0
com.github.ulisesbocchio
From 58338c909624b8f0c1967c272a905c5a7a5fbb11 Mon Sep 17 00:00:00 2001
From: robwlundy <83795676+robwlundy@users.noreply.github.com>
Date: Tue, 25 Jan 2022 11:34:31 -0500
Subject: [PATCH 3/6] Update shiftleft.yml
---
shiftleft.yml | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/shiftleft.yml b/shiftleft.yml
index 220d4baf4..941a13288 100644
--- a/shiftleft.yml
+++ b/shiftleft.yml
@@ -9,4 +9,9 @@ build_rules:
- SEVERITY_MEDIUM_IMPACT
- SEVERITY_HIGH_IMPACT
- SEVERITY_LOW_IMPACT
- threshold: 0
\ No newline at end of file
+ threshold: 0
+ - id: reachable-oss-vuln
+ finding_types: [oss_vuln]
+ options:
+ reachable: true
+ num_findings: 10
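Review bot: The new `reachable-oss-vuln` rule at L57–L61 declares no `threshold`, whereas the sibling `allow-zero-findings` rule just above it at L56 uses `threshold: 0`, so whether reachable OSS vulnerabilities actually break the build depends on the tool's default rather than on anything a reader can see; add `threshold: 0` under the rule (or whatever limit is intended) so the gate is explicit. Whether `num_findings: 10` is a cap that triggers the rule or only the number of findings listed in the report cannot be determined from this file, and a one-line comment stating which, e.g. `# num_findings: how many findings are listed in the report, not a pass/fail limit` if that is the case, would save the next reader the lookup. `finding_types: [oss_vuln]` uses flow style while the first rule lists its finding types in block style; `finding_types:` followed by `  - oss_vuln` would match. Indentation is not preserved in this rendering, so the nesting of `options` and `num_findings` under the rule is inferred.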
From c4191af96da99c9047af053e17184be1384efb3c Mon Sep 17 00:00:00 2001
From: robwlundy <83795676+robwlundy@users.noreply.github.com>
Date: Tue, 25 Jan 2022 14:03:06 -0500
Subject: [PATCH 4/6] Update shiftleft.yml
---
.github/workflows/shiftleft.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/shiftleft.yml b/.github/workflows/shiftleft.yml
index 79695c970..c9ba74314 100644
--- a/.github/workflows/shiftleft.yml
+++ b/.github/workflows/shiftleft.yml
@@ -46,7 +46,7 @@ jobs:
curl https://cdn.shiftleft.io/download/sl > ${GITHUB_WORKSPACE}/sl && chmod a+rx ${GITHUB_WORKSPACE}/sl
- name: Validate Build Rules
run: |
- ${GITHUB_WORKSPACE}/sl check-analysis --app shiftleft-java-demo \
+ ${GITHUB_WORKSPACE}/sl check-analysis --app shiftleft-java-demo --config ./shiftleft.yml --v2 \
--branch "${{ github.head_ref || steps.extract_branch.outputs.branch }}" \
--report \
--github-pr-number=${{github.event.number}} \
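Review bot: The added `--config ./shiftleft.yml --v2` at L78 points the checker at a config that, as of this commit, still uses the v1 rule schema (`SEVERITY_*` severities under `allow-zero-findings`, only rewritten to `critical`/`moderate` with a `type` list in the last patch of this series at L118–L142); if `--v2` selects the v2 rule syntax, this commit on its own leaves the workflow running against a config the checker may reject or silently ignore, so the flag and the config migration belong in one commit. The `sl` binary the new command runs is still fetched at L74 by an unpinned `curl` to a CDN with no checksum or version, so the build gate depends on whatever that URL serves at run time; that line is unchanged here but is the bigger weakness in this step. The `run:` block continues past the hunk (the remaining arguments and the `env:` stanza are in the next hunk).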
@@ -56,4 +56,4 @@ jobs:
env:
SHIFTLEFT_ACCESS_TOKEN: ${{ secrets.SHIFTLEFT_ACCESS_TOKEN }}
-
\ No newline at end of file
+
From 361eb8e2ef5c0f0c163070ae5bf130f8127ba800 Mon Sep 17 00:00:00 2001
From: robwlundy <83795676+robwlundy@users.noreply.github.com>
Date: Tue, 25 Jan 2022 17:29:16 -0500
Subject: [PATCH 5/6] Update shiftleft.yml
---
.github/workflows/shiftleft.yml | 1 -
1 file changed, 1 deletion(-)
diff --git a/.github/workflows/shiftleft.yml b/.github/workflows/shiftleft.yml
index c9ba74314..d91c216a0 100644
--- a/.github/workflows/shiftleft.yml
+++ b/.github/workflows/shiftleft.yml
@@ -47,7 +47,6 @@ jobs:
- name: Validate Build Rules
run: |
${GITHUB_WORKSPACE}/sl check-analysis --app shiftleft-java-demo --config ./shiftleft.yml --v2 \
- --branch "${{ github.head_ref || steps.extract_branch.outputs.branch }}" \
--report \
--github-pr-number=${{github.event.number}} \
--github-pr-user=${{ github.repository_owner }} \
From 8c616e06604e2dfbd4d8ad71c4df4bdc7317d1d6 Mon Sep 17 00:00:00 2001
From: robwlundy <83795676+robwlundy@users.noreply.github.com>
Date: Tue, 25 Jan 2022 17:31:31 -0500
Subject: [PATCH 6/6] Update shiftleft.yml
---
shiftleft.yml | 16 +++++++---------
1 file changed, 7 insertions(+), 9 deletions(-)
diff --git a/shiftleft.yml b/shiftleft.yml
index 941a13288..726335744 100644
--- a/shiftleft.yml
+++ b/shiftleft.yml
@@ -1,17 +1,15 @@
build_rules:
- - id: allow-zero-findings
+ - id: build-break-rule
finding_types:
- vuln
- - secret
- - insight
- - "*"
severity:
- - SEVERITY_MEDIUM_IMPACT
- - SEVERITY_HIGH_IMPACT
- - SEVERITY_LOW_IMPACT
- threshold: 0
+ - critical
+ - moderate
+ type:
+ - XSS
+ threshold: 8
- id: reachable-oss-vuln
finding_types: [oss_vuln]
options:
reachable: true
- num_findings: 10
+ num_findings: 25
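Review bot: The rewritten `build-break-rule` at L121–L136 loosens the gate in three ways at once: `threshold` goes from 0 to 8, `finding_types` drops `secret`, `insight` and `"*"` so only `vuln` findings count, and the new `type:` list limits it further to `XSS`, meaning secrets, insights and any non-XSS vulnerability no longer break the build and up to eight critical/moderate XSS findings are tolerated (reading `threshold` as the maximum allowed, which is consistent with the old `allow-zero-findings` / `threshold: 0` pairing). If this is deliberate for a demo, say so in the file, e.g. `# demo gate: tolerates up to 8 critical/moderate XSS findings; use threshold: 0 and the full finding_types list for real builds`; otherwise keep `threshold: 0` and the broader finding types. The `num_findings` change from 10 to 25 on the second rule at L142 is harmless but its meaning (report size versus limit) is still undocumented.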