chore(deps): bump Lombok from 1.18.42 to 1.18.44 #18

	name: Security Scan

	on:
	push:
	branches: [ main ]
	pull_request:
	branches: [ main ]
	schedule:
	- cron: '0 2 * * 0' # Every Sunday at 02:00 UTC

	jobs:
	spotbugs:
	name: SpotBugs
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v6

	- name: Set up JDK 21
	uses: actions/setup-java@v5
	with:
	java-version: '21'
	distribution: 'temurin'
	cache: gradle

	- name: Grant execute permission for gradlew
	run: chmod +x gradlew

	- name: Run SpotBugs
	run: ./gradlew spotbugsMain

	- name: Upload SpotBugs reports
	uses: actions/upload-artifact@v7
	if: always()
	with:
	name: spotbugs-reports
	path: '/build/reports/spotbugs/'

	dependency-check:
	name: OWASP Dependency-Check
	runs-on: ubuntu-latest
	if: github.event_name != 'pull_request'

	steps:
	- uses: actions/checkout@v6

	- name: Set up JDK 21
	uses: actions/setup-java@v5
	with:
	java-version: '21'
	distribution: 'temurin'
	cache: gradle

	- name: Grant execute permission for gradlew
	run: chmod +x gradlew

	- name: Cache NVD Database
	uses: actions/cache@v5
	with:
	path: ~/.gradle/dependency-check-data
	key: nvd-${{ hashFiles('**/build.gradle.kts') }}
	restore-keys: \|
	nvd-

	- name: Run OWASP Dependency-Check
	run: ./gradlew dependencyCheckAll
	env:
	NVD_API_KEY: ${{ secrets.NVD_API_KEY }}

	- name: Upload Dependency-Check reports
	uses: actions/upload-artifact@v7
	if: always()
	with:
	name: dependency-check-reports
	path: '**/build/reports/dependency-check-report.html'

Provide feedback