From 2246c94fd5bc3c4a909f207ee0a9217823affe89 Mon Sep 17 00:00:00 2001 From: Connel McGovern <100574906+mcgovc@users.noreply.github.com> Date: Tue, 6 Jun 2023 17:08:19 +0100 Subject: [PATCH] ES-562: Updating .snyk YAML indentation & updating modules to scan on Snyk nightly (#7385) * NOTICK: Correct Yaml whitespace * Update JenkinsfileSnykScan Snyk modules * Correcting YAML indentation * NOTICK: Update reges to match ES Jira tickets * Removing bridge/bridgecapsule from main release branch CI pipeline --- .ci/dev/nightly-regression/JenkinsfileSnykScan | 2 +- .ci/dev/regression/Jenkinsfile | 2 +- .github/workflows/check-pr-title.yml | 2 +- .snyk | 14 +++++++------- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.ci/dev/nightly-regression/JenkinsfileSnykScan b/.ci/dev/nightly-regression/JenkinsfileSnykScan index 564bb516a9..6c0f81d698 100644 --- a/.ci/dev/nightly-regression/JenkinsfileSnykScan +++ b/.ci/dev/nightly-regression/JenkinsfileSnykScan @@ -3,5 +3,5 @@ cordaSnykScanPipeline ( snykTokenId: 'c4-os-snyk-api-token-secret', // specify the Gradle submodules to scan and monitor on snyk Server - modulesToScan: ['node', 'capsule', 'bridge', 'bridgecapsule'] + modulesToScan: ['node', 'capsule'] ) diff --git a/.ci/dev/regression/Jenkinsfile b/.ci/dev/regression/Jenkinsfile index 02dc1a403d..4bab8e416c 100644 --- a/.ci/dev/regression/Jenkinsfile +++ b/.ci/dev/regression/Jenkinsfile @@ -92,7 +92,7 @@ pipeline { steps { script { // Invoke Snyk for each Gradle sub project we wish to scan - def modulesToScan = ['node', 'capsule', 'bridge', 'bridgecapsule'] + def modulesToScan = ['node', 'capsule'] modulesToScan.each { module -> snykSecurityScan("${env.SNYK_API_KEY}", "--sub-project=$module --configuration-matching='^runtimeClasspath\$' --prune-repeated-subdependencies --debug --target-reference='${env.BRANCH_NAME}' --project-tags=Branch='${env.BRANCH_NAME.replaceAll("[^0-9|a-z|A-Z]+","_")}'") } 
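Review bot: Dropping `'bridge'` and `'bridgecapsule'` from `modulesToScan` carries no explanation beside the list, and the same list is edited by hand a second time in `.ci/dev/regression/Jenkinsfile`, so the two copies can drift and a module can fall out of Snyk monitoring unnoticed. If those modules are still built or shipped from this branch, which the hunk does not show, their dependencies are no longer scanned nightly. I would record the reason next to the list, for example `// bridge/bridgecapsule removed from this branch's scan (ES-562): <reason>`, and define the list once in a shared place if the pipeline library allows it.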
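Review bot: On the `snykSecurityScan` line, `--target-reference='${env.BRANCH_NAME}'` passes the branch name through unfiltered, while the `--project-tags` value on the same line is cleaned with `replaceAll`. If `snykSecurityScan` turns this argument string into a shell command (its implementation is outside the hunk), a branch name containing a quote character would end the single-quoted argument early, and branch names are chosen by whoever pushes the branch. Filtering once and reusing the result covers both arguments: `def safeBranch = env.BRANCH_NAME.replaceAll("[^0-9a-zA-Z._/-]+", "_")`. The existing class `[^0-9|a-z|A-Z]` also lets `|` through, because `|` is a literal inside brackets. The enclosing `pipeline` block starts and ends outside the hunk.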
diff --git a/.github/workflows/check-pr-title.yml b/.github/workflows/check-pr-title.yml index a27b6c02e4..6d45a2bd31 100644 --- a/.github/workflows/check-pr-title.yml +++ b/.github/workflows/check-pr-title.yml @@ -9,6 +9,6 @@ jobs: steps: - uses: morrisoncole/pr-lint-action@v1.4.1 with: - title-regex: '^((CORDA|AG|EG|ENT|INFRA|NAAS)-\d+|NOTICK)(.*)' + title-regex: '^((CORDA|AG|EG|ENT|INFRA|NAAS|ES)-\d+|NOTICK)(.*)' on-failed-regex-comment: "PR title failed to match regex -> `%regex%`" repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.snyk b/.snyk index 2b9605267a..93a9db4572 100644 --- a/.snyk +++ b/.snyk @@ -131,7 +131,7 @@ ignore: this vulnerability. expires: 2023-09-01T11:32:38.120Z created: 2022-09-21T11:32:38.125Z -SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424: + SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424: - '*': reason: >- Corda does not set the non-default UNWRAP_SINGLE_VALUE_ARRAYS required @@ -145,7 +145,7 @@ SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424: nesting are potentially susceptible. expires: 2023-09-01T12:04:40.180Z created: 2023-02-09T12:04:40.209Z - SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038426: + SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038426: - '*': reason: >- Corda does not set the non-default UNWRAP_SINGLE_VALUE_ARRAYS required @@ -159,7 +159,7 @@ SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424: nesting are potentially susceptible. expires: 2023-09-01T12:05:03.931Z created: 2023-02-09T12:05:03.962Z - SNYK-JAVA-ORGYAML-2806360: + SNYK-JAVA-ORGYAML-2806360: - '*': reason: >- Snakeyaml is being used by Jackson and liquidbase. Corda does not use @@ -172,7 +172,7 @@ SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424: not exposed to this DOS vulnerability. expires: 2023-09-01T13:40:55.262Z created: 2022-09-21T13:40:55.279Z - SNYK-JAVA-ORGYAML-3016891: + SNYK-JAVA-ORGYAML-3016891: - '*': reason: >- Snakeyaml is being used by Jackson and liquidbase. Corda does not use 
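Review bot: The step whose `title-regex` is extended here runs `morrisoncole/pr-lint-action@v1.4.1` by tag and hands it `secrets.GITHUB_TOKEN`; a tag can be moved by the action's owner, so the code that receives the token is not fixed. Since the step is being edited anyway, pinning it to the full commit SHA makes the reference immutable: `- uses: morrisoncole/pr-lint-action@<full-commit-sha> # v1.4.1`. The workflow's trigger and any `permissions:` block are outside the hunk, so how much that token can do cannot be judged from here.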
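Review bot: The re-indented keys appear to become children of `ignore:`, and each entry uses the `'*'` path, so from this commit on the finding is suppressed on every dependency path in every scanned module, not only where the written reason was verified. This applies to all seven `.snyk` hunks (`@@ -131`, `-145`, `-159`, `-172`, `-186`, `-200`, `-214`). The page's whitespace is collapsed, so the final indentation cannot be confirmed here, and the state before this commit suggests a mis-indented key fails silently. I would add a pipeline step that parses `.snyk` and fails when a `SNYK-…` key is not nested under `ignore:`, and narrow `'*'` to the dependency path each reason actually covers where that is known.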
@@ -186,7 +186,7 @@ SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424: vulnerability. expires: 2023-09-01T16:37:28.911Z created: 2023-02-06T16:37:28.933Z - SNYK-JAVA-ORGYAML-3016888: + SNYK-JAVA-ORGYAML-3016888: - '*': reason: >- Snakeyaml is being used by Jackson and liquidbase. Corda does not use @@ -200,7 +200,7 @@ SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424: vulnerability. expires: 2023-09-01T13:39:49.450Z created: 2022-09-21T13:39:49.470Z - SNYK-JAVA-ORGYAML-3016889: + SNYK-JAVA-ORGYAML-3016889: - '*': reason: >- Snakeyaml is being used by Jackson and liquidbase. Corda does not use @@ -214,7 +214,7 @@ SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424: vulnerability. expires: 2023-09-01T16:35:13.840Z created: 2023-02-06T16:35:13.875Z - SNYK-JAVA-ORGYAML-3113851: + SNYK-JAVA-ORGYAML-3113851: - '*': reason: >- Snakeyaml is being used by Jackson and liquidbase. Corda does not use