From c2655f51c2d03c8015835810a69c2d3fdadbb14e Mon Sep 17 00:00:00 2001
From: will Farrell <willfarrell@users.noreply.github.com>
Date: Sat, 18 Apr 2026 13:02:12 -0600
Subject: [PATCH 1/2] feat: add 'License headers' job to test-sast.yml

---
 .github/workflows/test-sast.yml | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/test-sast.yml b/.github/workflows/test-sast.yml
index 770a053..06ef48a 100644
--- a/.github/workflows/test-sast.yml
+++ b/.github/workflows/test-sast.yml
@@ -13,7 +13,27 @@ permissions:
   contents: read
 
 jobs:
-  lockfile-lint:
+license:
+    name: "License headers"
+    runs-on: ubuntu-latest
+    if: (github.actor != 'dependabot[bot]')
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
+      - name: Setup Node.js ${{ env.NODE_VERSION }}
+        uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          registry-url: https://registry.npmjs.org
+          cache: npm
+      - name: Install dependencies
+        run: |
+          npm ci --ignore-scripts
+      - name: License check
+        run: |
+          npm run test:sast:license  lockfile-lint:
     name: 'lockfile-lint: SAST package-lock.json'
     runs-on: ubuntu-latest
     if: (github.actor != 'dependabot[bot]')

From effa15e0bd2399f9c3263c51ad7bd3e1bc7f44e3 Mon Sep 17 00:00:00 2001
From: will Farrell <willfarrell@users.noreply.github.com>
Date: Sat, 18 Apr 2026 13:03:03 -0600
Subject: [PATCH 2/2] feat: add 'License headers' job to test-sast.yml

---
 .github/workflows/test-sast.yml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/test-sast.yml b/.github/workflows/test-sast.yml
index 06ef48a..27ffa72 100644
--- a/.github/workflows/test-sast.yml
+++ b/.github/workflows/test-sast.yml
@@ -13,7 +13,7 @@ permissions:
   contents: read
 
 jobs:
-license:
+  license:
     name: "License headers"
     runs-on: ubuntu-latest
     if: (github.actor != 'dependabot[bot]')
@@ -33,7 +33,9 @@ license:
           npm ci --ignore-scripts
       - name: License check
         run: |
-          npm run test:sast:license  lockfile-lint:
+          npm run test:sast:license
+
+  lockfile-lint:
     name: 'lockfile-lint: SAST package-lock.json'
     runs-on: ubuntu-latest
     if: (github.actor != 'dependabot[bot]')