Honor ignore files and exclude tests from scans #12
security.yml
on: pull_request
OSV-Scanner (SCA)
7s
Trivy (filesystem scan)
9s
Semgrep (SAST)
29s
Gitleaks (secret scan)
7s
jscpd (duplication < 5% on production Go)
15s
SBOM (SPDX + CycloneDX)
12s
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
sbom
|
6.87 KB |
sha256:6fb6dec8f3cb507233ccc67d8aa67aabbd9261cb5674e55c8b0f3e49cfb5de20
|
|