refactor: 7-tool MCP triage surface + SQLite survival tuning #140
security.yml
on: pull_request
OSV-Scanner (SCA)
7s
Trivy (filesystem + container scan)
15s
Semgrep (SAST)
24s
Gitleaks (secret scan)
8s
jscpd (duplication < 3% on touched code)
17s
SBOM (SPDX + CycloneDX)
20s
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
sbom
|
38.5 KB |
sha256:c59b8e1836d2a726bdc36824d1a8db90ae0be905c525d94974c0675d2c254565
|
|