From c933e3c2a8dfe7df43bd5131a25b4b86415af7b4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Sch=C3=B6ppenthau?=
 <56257932+fschoeppenthau@users.noreply.github.com>
Date: Thu, 7 May 2026 13:49:21 -0400
Subject: [PATCH 1/4] [workflow] add GITHUB_TOKEN environment variable to Maven
 dependency submission step

---
 .github/workflows/maven.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 803c1dd..f90706a 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -75,6 +75,8 @@ jobs:
         uses: advanced-security/maven-dependency-submission-action@v5
         with:
           maven-args: -f ${{ inputs.pom-file }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Upload maven build artifacts
         uses: actions/upload-artifact@v7

From 7cfffda9d1c181bf0d0c2b3ce95429b0c032e011 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Sch=C3=B6ppenthau?=
 <56257932+fschoeppenthau@users.noreply.github.com>
Date: Thu, 7 May 2026 13:51:51 -0400
Subject: [PATCH 2/4] [workflow] update Maven dependency submission action to
 force update dependencies

---
 .github/workflows/maven.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index f90706a..3813367 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -74,7 +74,7 @@ jobs:
         if: github.ref_name == 'main'
         uses: advanced-security/maven-dependency-submission-action@v5
         with:
-          maven-args: -f ${{ inputs.pom-file }}
+          maven-args: -f ${{ inputs.pom-file }} -U
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 

From c1fc794635a3ab3648f479f1e5bf2892ab2f5498 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Sch=C3=B6ppenthau?=
 <56257932+fschoeppenthau@users.noreply.github.com>
Date: Thu, 7 May 2026 15:34:48 -0400
Subject: [PATCH 3/4] [config] add maven settings for GitHub server
 authentication

---
 .github/maven-settings.xml | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 .github/maven-settings.xml

diff --git a/.github/maven-settings.xml b/.github/maven-settings.xml
new file mode 100644
index 0000000..180bec7
--- /dev/null
+++ b/.github/maven-settings.xml
@@ -0,0 +1,9 @@
+<settings>
+  <servers>
+    <server>
+      <id>github</id>
+      <username>${env.GITHUB_ACTOR}</username>
+      <password>${env.GITHUB_TOKEN}</password>
+    </server>
+  </servers>
+</settings>

From e97fedbd9f1ba96ab47e66a536270dbdbeb81f57 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Sch=C3=B6ppenthau?=
 <56257932+fschoeppenthau@users.noreply.github.com>
Date: Thu, 7 May 2026 15:35:53 -0400
Subject: [PATCH 4/4] [workflow] update maven args to use custom settings file

---
 .github/workflows/maven.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 3813367..554ca28 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -74,7 +74,7 @@ jobs:
         if: github.ref_name == 'main'
         uses: advanced-security/maven-dependency-submission-action@v5
         with:
-          maven-args: -f ${{ inputs.pom-file }} -U
+          maven-args: -f ${{ inputs.pom-file }} -s ${{ github.workspace }}/settings.xml
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}