fix(robustness): P1+P2 follow-ups from brainstorm #72
security.yml
on: pull_request
OSV-Scanner (SCA)
7s
Trivy (filesystem + container scan)
19s
Semgrep (SAST)
31s
Gitleaks (secret scan)
6s
jscpd (duplication < 3% on touched code)
13s
SBOM (SPDX + CycloneDX)
20s
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
sbom
|
43.9 KB |
sha256:5d4632635d00f9ce572a5ba8784d5da01ea36ca50afe1439dfe87270a842fad8
|
|