fix(security,test): clear 3 SonarCloud vulnerabilities + flaky pipeline test #112
security.yml
on: pull_request
OSV-Scanner (SCA)
7s
Trivy (filesystem + container scan)
19s
Semgrep (SAST)
25s
Gitleaks (secret scan)
9s
jscpd (duplication < 3% on touched code)
17s
SBOM (SPDX + CycloneDX)
25s
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
sbom
|
38.8 KB |
sha256:7394310e3e273653ce987b3d2f515a3f98c76d080a268fa4bf45dc0870856385
|
|