fix(security,test): clear 3 SonarCloud vulnerabilities + flaky pipeline test #110
security.yml
on: pull_request
OSV-Scanner (SCA)
7s
Trivy (filesystem + container scan)
15s
Semgrep (SAST)
28s
Gitleaks (secret scan)
9s
jscpd (duplication < 3% on touched code)
14s
SBOM (SPDX + CycloneDX)
24s
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
sbom
|
38.7 KB |
sha256:a97d43e272484160e6a9079189061a1a0f33fe433af49d1592d82e7a8e08f079
|
|