fix(security,test): clear 3 SonarCloud vulnerabilities + flaky pipeline test #109
security.yml
on: pull_request
OSV-Scanner (SCA)
6s
Trivy (filesystem + container scan)
14s
Semgrep (SAST)
26s
Gitleaks (secret scan)
7s
jscpd (duplication < 3% on touched code)
12s
SBOM (SPDX + CycloneDX)
19s
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
sbom
|
38.8 KB |
sha256:a4ae3e3eb3783a9ae66230c74edd6366dbc59ed2a5aa899009818fd493e15cae
|
|