From 84fc0f083f8016d536de96b7cb2a5a1e116dc8c3 Mon Sep 17 00:00:00 2001
From: AndyFlintAnswerDigital <andrew.flint2@nhs.net>
Date: Thu, 12 Feb 2026 15:44:39 +0000
Subject: [PATCH 1/6] [PRM-716] Changed pip install logic on ods-downloader

---
 services/ods-downloader/Dockerfile | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/services/ods-downloader/Dockerfile b/services/ods-downloader/Dockerfile
index 4751f58..50bbd3f 100644
--- a/services/ods-downloader/Dockerfile
+++ b/services/ods-downloader/Dockerfile
@@ -1,13 +1,12 @@
 FROM python:3.14-slim
 
-COPY . /prmods
+WORKDIR /prmods
+COPY . .
 
 ARG IMAGE_TAG
 ENV BUILD_TAG=${IMAGE_TAG}
 
-RUN pip install --upgrade pip && \
-    pip install setuptools && \
-    cd /prmods && \
-    python setup.py install
+RUN pip install --upgrade pip setuptools wheel && \
+    pip install .
 
 ENTRYPOINT ["python", "-m", "prmods.pipeline.main"]

From aaba0657d2ac015f685d02e0a063255121024939 Mon Sep 17 00:00:00 2001
From: AndyFlintAnswerDigital
 <116072207+AndyFlintAnswerDigital@users.noreply.github.com>
Date: Fri, 13 Feb 2026 16:01:45 +0000
Subject: [PATCH 2/6] Update services/ods-downloader/Dockerfile

Co-authored-by: Kris Bloe <2674722+chrisbloe@users.noreply.github.com>
---
 services/ods-downloader/Dockerfile | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/services/ods-downloader/Dockerfile b/services/ods-downloader/Dockerfile
index 50bbd3f..403db11 100644
--- a/services/ods-downloader/Dockerfile
+++ b/services/ods-downloader/Dockerfile
@@ -1,7 +1,9 @@
 FROM python:3.14-slim
 
 WORKDIR /prmods
-COPY . .
+COPY ./build ./build
+COPY ./src ./src
+COPY setup.py /
 
 ARG IMAGE_TAG
 ENV BUILD_TAG=${IMAGE_TAG}

From 171430dea94114d6784ea9ba5251c48c45e99cdf Mon Sep 17 00:00:00 2001
From: AndyFlintAnswerDigital <andrew.flint2@nhs.net>
Date: Fri, 13 Feb 2026 16:09:47 +0000
Subject: [PATCH 3/6] [PRM-716] Modified dockerfile copy

---
 services/ods-downloader/Dockerfile | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/services/ods-downloader/Dockerfile b/services/ods-downloader/Dockerfile
index 403db11..9088217 100644
--- a/services/ods-downloader/Dockerfile
+++ b/services/ods-downloader/Dockerfile
@@ -1,9 +1,8 @@
 FROM python:3.14-slim
 
 WORKDIR /prmods
-COPY ./build ./build
 COPY ./src ./src
-COPY setup.py /
+COPY setup.py .
 
 ARG IMAGE_TAG
 ENV BUILD_TAG=${IMAGE_TAG}

From c7da9cd261b681d12e9537586b197e2519add5ab Mon Sep 17 00:00:00 2001
From: AndyFlintAnswerDigital <andrew.flint2@nhs.net>
Date: Fri, 13 Feb 2026 16:26:20 +0000
Subject: [PATCH 4/6] [PRM-716] Upgraded node versions & removed nvmrc

---
 .github/workflows/automated-deploy-dashboard-dev.yml | 12 ++++++------
 .github/workflows/automated-sonarcloud-analysis.yml  |  6 +++---
 .github/workflows/deploy-dashboard-dev.yml           |  6 +++---
 dashboard/.nvmrc                                     |  1 -
 4 files changed, 12 insertions(+), 13 deletions(-)
 delete mode 100644 dashboard/.nvmrc

diff --git a/.github/workflows/automated-deploy-dashboard-dev.yml b/.github/workflows/automated-deploy-dashboard-dev.yml
index 1f7d24b..96dfa0f 100644
--- a/.github/workflows/automated-deploy-dashboard-dev.yml
+++ b/.github/workflows/automated-deploy-dashboard-dev.yml
@@ -29,10 +29,10 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
+      - name: Use Node.js 24.x
+        uses: actions/setup-node@v6
         with:
-          node-version-file: dashboard/.nvmrc
+          node-version: 24.x
           cache: "npm"
           cache-dependency-path: dashboard/package-lock.json
 
@@ -51,10 +51,10 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
+      - name: Use Node.js 24.x
+        uses: actions/setup-node@v6
         with:
-          node-version-file: dashboard/.nvmrc
+          node-version: 24.x
           cache: "npm"
           cache-dependency-path: dashboard/package-lock.json
 
diff --git a/.github/workflows/automated-sonarcloud-analysis.yml b/.github/workflows/automated-sonarcloud-analysis.yml
index cc4106b..ec90518 100644
--- a/.github/workflows/automated-sonarcloud-analysis.yml
+++ b/.github/workflows/automated-sonarcloud-analysis.yml
@@ -19,10 +19,10 @@ jobs:
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
 
-      - name: Use Node.js 18.x
-        uses: actions/setup-node@v4
+      - name: Use Node.js 24.x
+        uses: actions/setup-node@v6
         with:
-          node-version-file: dashboard/.nvmrc
+          node-version: 24.x
           cache: "npm"
           cache-dependency-path: dashboard/package-lock.json
 
diff --git a/.github/workflows/deploy-dashboard-dev.yml b/.github/workflows/deploy-dashboard-dev.yml
index 8e5a4d1..fe50ab7 100644
--- a/.github/workflows/deploy-dashboard-dev.yml
+++ b/.github/workflows/deploy-dashboard-dev.yml
@@ -41,10 +41,10 @@ jobs:
           echo "::add-mask::$uri"
           echo "uri=$uri" >> $GITHUB_OUTPUT
 
-      - name: Setup Node
-        uses: actions/setup-node@v4
+      - name: Use Node.js 24.x
+        uses: actions/setup-node@v6
         with:
-          node-version-file: dashboard/.nvmrc
+          node-version: 24.x
           cache: "npm"
           cache-dependency-path: dashboard/package-lock.json
 
diff --git a/dashboard/.nvmrc b/dashboard/.nvmrc
deleted file mode 100644
index b492b08..0000000
--- a/dashboard/.nvmrc
+++ /dev/null
@@ -1 +0,0 @@
-18.16

From 938c5e3a9b523ebbef5a7e1f182a6e02b1cf4ee3 Mon Sep 17 00:00:00 2001
From: chrisbloe <kris.bloe2@nhs.net>
Date: Fri, 13 Feb 2026 16:35:39 +0000
Subject: [PATCH 5/6] Upping action versions

---
 .github/workflows/automated-deploy-dashboard-dev.yml | 4 ++--
 .github/workflows/automated-deploy-services-dev.yml  | 2 +-
 .github/workflows/automated-sbom-repo-scan.yml       | 6 +++---
 .github/workflows/automated-sonarcloud-analysis.yml  | 4 ++--
 .github/workflows/deploy-dashboard-dev.yml           | 2 +-
 .github/workflows/deploy-service-dev.yml             | 4 ++--
 6 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/automated-deploy-dashboard-dev.yml b/.github/workflows/automated-deploy-dashboard-dev.yml
index 96dfa0f..d1f3c10 100644
--- a/.github/workflows/automated-deploy-dashboard-dev.yml
+++ b/.github/workflows/automated-deploy-dashboard-dev.yml
@@ -27,7 +27,7 @@ jobs:
       run:
         working-directory: ./dashboard
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Use Node.js 24.x
         uses: actions/setup-node@v6
@@ -49,7 +49,7 @@ jobs:
         working-directory: ./dashboard
     needs: test
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Use Node.js 24.x
         uses: actions/setup-node@v6
diff --git a/.github/workflows/automated-deploy-services-dev.yml b/.github/workflows/automated-deploy-services-dev.yml
index eafb9fe..9709a5b 100644
--- a/.github/workflows/automated-deploy-services-dev.yml
+++ b/.github/workflows/automated-deploy-services-dev.yml
@@ -26,7 +26,7 @@ jobs:
     outputs:
       changed: ${{ steps.get-changed-files.outputs.changed }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0
 
diff --git a/.github/workflows/automated-sbom-repo-scan.yml b/.github/workflows/automated-sbom-repo-scan.yml
index bb60d60..cad0f6b 100644
--- a/.github/workflows/automated-sbom-repo-scan.yml
+++ b/.github/workflows/automated-sbom-repo-scan.yml
@@ -15,17 +15,17 @@ jobs:
     name: SBOM Repo Scan
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
 
-      - uses: anchore/sbom-action@f8bdd1d8ac5e901a77a92f111440fdb1b593736b # v0.20.6
+      - uses: - uses: anchore/sbom-action@28d71544de8eaf1b958d335707167c5f783590ad # v0.22.2
         with:
           path: "."
           format: cyclonedx-json
           output-file: sbom-repo-${{ github.event.repository.name }}-${{ github.sha }}.cdx.json
 
-      - uses: anchore/scan-action@f6601287cdb1efc985d6b765bbf99cb4c0ac29d8 # v7.0.0
+      - uses: anchore/scan-action@7037fa011853d5a11690026fb85feee79f4c946c # v7.3.2
         id: sbom-scan
         with:
           sbom: sbom-repo-${{ github.event.repository.name }}-${{ github.sha }}.cdx.json
diff --git a/.github/workflows/automated-sonarcloud-analysis.yml b/.github/workflows/automated-sonarcloud-analysis.yml
index ec90518..eed5b34 100644
--- a/.github/workflows/automated-sonarcloud-analysis.yml
+++ b/.github/workflows/automated-sonarcloud-analysis.yml
@@ -15,7 +15,7 @@ jobs:
     name: SonarCloud
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
 
@@ -61,7 +61,7 @@ jobs:
           npm test -- --coverage
 
       - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@fd88b7d7ccbaefd23d8f36f73b59db7a3d246602 # v6.0.0
+        uses: SonarSource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9 # v7.0.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/.github/workflows/deploy-dashboard-dev.yml b/.github/workflows/deploy-dashboard-dev.yml
index fe50ab7..f6a6917 100644
--- a/.github/workflows/deploy-dashboard-dev.yml
+++ b/.github/workflows/deploy-dashboard-dev.yml
@@ -18,7 +18,7 @@ jobs:
         working-directory: ./dashboard
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Configure AWS credentials
         uses: aws-actions/configure-aws-credentials@v6
diff --git a/.github/workflows/deploy-service-dev.yml b/.github/workflows/deploy-service-dev.yml
index a6d8594..70ff3b9 100644
--- a/.github/workflows/deploy-service-dev.yml
+++ b/.github/workflows/deploy-service-dev.yml
@@ -44,7 +44,7 @@ jobs:
       run:
         working-directory: ./services/${{ inputs.service_name }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Set up Python 3.14
         uses: actions/setup-python@v6
@@ -77,7 +77,7 @@ jobs:
       run:
         working-directory: ./services/${{ inputs.service_name }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Set up Python 3.14
         uses: actions/setup-python@v6

From b9156f568af931c1549ec942749bbdd01bc9bbd0 Mon Sep 17 00:00:00 2001
From: chrisbloe <kris.bloe2@nhs.net>
Date: Mon, 16 Feb 2026 09:18:27 +0000
Subject: [PATCH 6/6] Fixing typo

---
 .github/workflows/automated-sbom-repo-scan.yml | 2 +-
 .github/workflows/deploy-dashboard-dev.yml     | 3 +--
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/automated-sbom-repo-scan.yml b/.github/workflows/automated-sbom-repo-scan.yml
index cad0f6b..2c766cd 100644
--- a/.github/workflows/automated-sbom-repo-scan.yml
+++ b/.github/workflows/automated-sbom-repo-scan.yml
@@ -19,7 +19,7 @@ jobs:
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
 
-      - uses: - uses: anchore/sbom-action@28d71544de8eaf1b958d335707167c5f783590ad # v0.22.2
+      - uses: anchore/sbom-action@28d71544de8eaf1b958d335707167c5f783590ad # v0.22.2
         with:
           path: "."
           format: cyclonedx-json
diff --git a/.github/workflows/deploy-dashboard-dev.yml b/.github/workflows/deploy-dashboard-dev.yml
index f6a6917..9ae402c 100644
--- a/.github/workflows/deploy-dashboard-dev.yml
+++ b/.github/workflows/deploy-dashboard-dev.yml
@@ -96,7 +96,7 @@ jobs:
 
   dashboard_build_and_deploy:
     name: Build and deploy dashboard via dashboard pipeline step function
-    needs: [ redeploy_gp2gp_infrastructure_step_functions ]
+    needs: [redeploy_gp2gp_infrastructure_step_functions]
     environment: dev
     runs-on: ubuntu-latest
     steps:
@@ -118,4 +118,3 @@ jobs:
           aws stepfunctions start-execution \
             --state-machine-arn "arn:aws:states:eu-west-2:${{ steps.credentials.outputs.aws-account-id }}:stateMachine:dashboard-pipeline" \
             --input '{"SKIP_METRICS": true,"time": "${{ steps.date.outputs.date }}"}'
-