chore(sonar): Phase 1 maintainability cleanup (~50 issues) #114
security.yml
on: pull_request
OSV-Scanner (SCA)
6s
Trivy (filesystem + container scan)
14s
Semgrep (SAST)
45s
Gitleaks (secret scan)
9s
jscpd (duplication < 3% on touched code)
16s
SBOM (SPDX + CycloneDX)
26s
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
sbom
|
38.8 KB |
sha256:f7c70ace2c17453d29fcb80073231e938a88a982afe0403a71a5d2705c1d9bca
|
|