riyan-ahmed · riyan-ahmed · Dec 26, 2025 · Dec 26, 2025 · Jan 3, 2026 · Jan 15, 2026
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -135,4 +135,4 @@ jobs:
         uses: github/codeql-action/upload-sarif@v4
         if: always()
         with:
-          sarif_file: trivy.sarif
+          sarif_file: trivy.sarif
diff --git a/README.md b/README.md
@@ -1,4 +1,4 @@
-# DevSecOps Investigation Journey: An Analytical Case Study of "Shift-Left" Security
+# DevSecOps Investigation Journey: An Analytical Case Study of Shift-Left Security in a Java CI/CD Pipeline.
 
 ## 📖 Project Overview
 This project investigates the trade-offs of **DevSecOps** practices, focusing on the balance between **performance overhead** and **security efficacy** in CI/CD pipelines.  
@@ -26,7 +26,7 @@ It provides a practical, empirical case study of "Shift-Left" security by integr
 
 ## 📊 Experimental Phases
 
-### Phase 1: Baseline Pipeline
+### Phase 1: Baseline Pipeline 
 - Built a clean CI/CD pipeline for Spring Boot.
 - **Baseline runtime**: 43 seconds.
 
@@ -57,4 +57,4 @@ It provides a practical, empirical case study of "Shift-Left" security by integr
 
 ---
 
-## 📂 Repository Structure
+## 📂 Repository Structure
diff --git a/pom.xml b/pom.xml
@@ -7,7 +7,7 @@
   <parent>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-parent</artifactId>
-    <version>3.3.0</version>
+    <version>3.4.10</version>
     <relativePath/>
   </parent>
 
@@ -33,6 +33,11 @@
       <artifactId>spring-boot-starter-test</artifactId>
       <scope>test</scope>
     </dependency>
+    <dependency>
+      <groupId>org.apache.logging.log4j</groupId>
+      <artifactId>log4j-core</artifactId>
+      <version>2.17.0</version>
+    </dependency>
   </dependencies>
 
   <build>
@@ -94,4 +99,4 @@
     </plugins>
   </build>
 
-</project>
+</project>