chore: bootstrap code-signal scanner #1
security.yml
on: push
OSV-Scanner (SCA)
6s
Trivy (filesystem scan)
24s
Semgrep (SAST)
26s
Gitleaks (secret scan)
6s
jscpd (duplication < 5% on production Go)
13s
SBOM (SPDX + CycloneDX)
14s
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
sbom
|
6.86 KB |
sha256:96be05030842b51e36b1922142e33d86fe8a774e9d6263396538344a0ca93edf
|
|