From 4189a8cbe2abe19b1a12e2158fe9b527e2c45daf Mon Sep 17 00:00:00 2001
From: prabhu <7842+prabhu@users.noreply.github.com>
Date: Thu, 4 Sep 2025 17:42:56 +0100
Subject: [PATCH 1/2] Update to use depscan v6 beta
Updated to use depscan v6 beta. Setting CDXGEN_TEMP_DIR variable since SBOM generation would fail otherwise with disk space errors on GitHub hosted agents.
Signed-off-by: Prabhu Subramanian
---
 .github/workflows/sca-integration-depscan.yml | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/sca-integration-depscan.yml b/.github/workflows/sca-integration-depscan.yml
index adfb76804f..a11c4001ad 100644
--- a/.github/workflows/sca-integration-depscan.yml
+++ b/.github/workflows/sca-integration-depscan.yml
@@ -24,10 +24,10 @@ jobs:
 generate-and-load-sbom:
 runs-on: ubuntu-24.04
 steps:
- - name: Install OWASP dep-scan
+ - name: Install OWASP dep-scan v6 beta
 run: |
 sudo npm install -g @cyclonedx/cdxgen
- pip install owasp-depscan
+ pip install --pre owasp-depscan[all]
 - name: Generate SBOM with OWASP dep-scan
 run: |
@@ -36,6 +36,10 @@ jobs:
 --type docker \
 --reports-dir reports \
 --explain
+ env:
+ CDXGEN_TEMP_DIR: ${{ runner.temp }}/cdxgen-temp
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ PYTHONUTF8: 1
 - name: Upload SBOM as GitHub Artifact
 uses: actions/upload-artifact@v4
From 2bafe30958055fcc60516cebe17f67a7f6259638 Mon Sep 17 00:00:00 2001
From: prabhu <7842+prabhu@users.noreply.github.com>
Date: Thu, 4 Sep 2025 17:43:53 +0100
Subject: [PATCH 2/2] Set cdxgen temp dir
Signed-off-by: Prabhu Subramanian
---
 .github/workflows/sca-integration-cdxgen.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/sca-integration-cdxgen.yml b/.github/workflows/sca-integration-cdxgen.yml
index 0af013ab99..9b1c462832 100644
--- a/.github/workflows/sca-integration-cdxgen.yml
+++ b/.github/workflows/sca-integration-cdxgen.yml
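Review bot: The new install line `pip install --pre owasp-depscan[all]` in the first hunk of sca-integration-depscan.yml resolves to whatever pre-release is newest on each run, and `--pre` also lets pip pick pre-releases for every transitive dependency, so the scanner this workflow relies on is neither reproducible nor reviewable between runs. Pinning the exact beta makes `--pre` unnecessary, and quoting stops the shell from treating `[all]` as a glob pattern: `pip install 'owasp-depscan[all]==<PINNED_VERSION>'` (placeholder, the page does not give the version). The neighbouring context line `sudo npm install -g @cyclonedx/cdxgen` is unpinned as well and would benefit from the same treatment.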
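Review bot: The second hunk of sca-integration-depscan.yml passes `GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}` into the step that runs the freshly installed pre-release dep-scan and cdxgen, and neither the hunk nor the commit message says why the scan needs it. The workflow's `permissions:` block is not visible here, so confirm the job token is restricted to read-only scopes (for example `contents: read`) and add a comment above the variable stating what the token is used for. `PYTHONUTF8: 1` is better written as `PYTHONUTF8: "1"`, since environment values are strings. The step's `run:` block starts outside the hunk.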
@@ -34,7 +34,8 @@ jobs:
 --output cdxgen-sbom.cdx.json \
 --spec-version 1.6 \
 --json-pretty
-
+ env:
+ CDXGEN_TEMP_DIR: ${{ runner.temp }}/cdxgen-temp
 - name: Upload SBOM as GitHub Artifact
 uses: actions/upload-artifact@v4
 with:
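Review bot: The added `env:` block replaces the blank line that separated this step from `- name: Upload SBOM as GitHub Artifact`, so the two steps now run together visually; keep an empty line after the `CDXGEN_TEMP_DIR` entry. The reason for the variable is recorded only in the previous patch's message, so a comment above `env:` would help the next maintainer, e.g. `# SBOM generation fails with disk space errors on GitHub-hosted runners without this`. The step's `run:` block starts outside the hunk.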