Update dependency com.regnosys.rosetta:com.regnosys.rosetta to v9.77.0 #531

	name: CVE Scanning for Node

	defaults:
	run:
	shell: bash
	working-directory: ui

	on:
	push:
	branches: ["main"]
	paths: ["ui/**"]
	pull_request_target:
	branches: ["main"]

	jobs:
	cvescan:
	name: CVE Scan
	runs-on: ubuntu-latest

	permissions:
	contents: read

	env:
	NODE_VERSION: 24.x

	steps:
	- name: Checkout repository (trusted)
	uses: actions/checkout@v4

	- name: Set up Node
	uses: actions/setup-node@v4
	with:
	node-version: ${{ env.NODE_VERSION }}

	- name: Checkout PR code (untrusted)
	uses: actions/checkout@v4
	with:
	repository: ${{ github.event.pull_request.head.repo.full_name }}
	ref: ${{ github.event.pull_request.head.ref }}

	- name: Run CVE scan (auditjs)
	env:
	OSS_INDEX_USERNAME: ${{ secrets.OSS_INDEX_USERNAME }}
	OSS_INDEX_PASSWORD: ${{ secrets.OSS_INDEX_PASSWORD }}
	run: \|
	echo "Running auditjs with secrets available"
	npm ci
	npx --yes auditjs ossi --whitelist allow-list.json -u "$OSS_INDEX_USERNAME" -p "$OSS_INDEX_PASSWORD"

Provide feedback