From e14c3ede1e7a4ad0483d6b92d32121116fb79e60 Mon Sep 17 00:00:00 2001
From: Venkata Sai Kiran <105751242+kiran1942@users.noreply.github.com>
Date: Thu, 16 Oct 2025 11:52:24 -0400
Subject: [PATCH 1/2] Change default value for fail_on_trivy_scan to true

---
 .github/workflows/build.yml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index be5ded02..1f55d5d4 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -12,7 +12,7 @@ on:
         type: boolean
         description: fail the build if vulnerabilities are found
         required: true 
-        default: false
+        default: true
 jobs:
   build:
     name: Build Image
@@ -28,6 +28,8 @@ jobs:
 
     - name: Check out code
       uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5
+      with:
+          submodules: true
 
     - name: Set Image Tag
       env:
@@ -102,4 +104,4 @@ jobs:
       with:
         status: ${{ job.status }}
         steps: ${{ toJson(steps) }}
-      if: always()
\ No newline at end of file
+      if: always()

From 4d551d6afb873241ee3167201daf171a8a2b9875 Mon Sep 17 00:00:00 2001
From: Venkata Sai Kiran <105751242+kiran1942@users.noreply.github.com>
Date: Thu, 16 Oct 2025 11:58:07 -0400
Subject: [PATCH 2/2] Update Tomcat base image version to 11.0.10

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 1ff66f58..921f8155 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,7 +8,7 @@ COPY . .
 RUN mvn package -DskipTests
 
 # Production stage
-FROM tomcat:11.0.4-jdk17 AS fnl_base_image
+FROM tomcat:11.0.10-jdk17 AS fnl_base_image
 
 RUN apt-get update && apt-get -y upgrade