build(ui): source-only main; build & embed UI at release time #170
security.yml
on: pull_request
OSV-Scanner (SCA)
9s
Trivy (filesystem + container scan)
14s
Semgrep (SAST)
22s
Gitleaks (secret scan)
7s
jscpd (duplication < 3% on touched code)
15s
SBOM (SPDX + CycloneDX)
25s
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
sbom
|
38.5 KB |
sha256:83d87c57ff08c70cf4b11111dd367b2401839f528387e68c6ed493cea9c2d0e6
|
|