Skip to content

Security (OSS-CLI)

Security (OSS-CLI) #29

Triggered via schedule June 22, 2026 10:16
Status Success
Total duration 42s
Artifacts 1

security.yml

on: schedule
Trivy (filesystem + container scan)
24s
Trivy (filesystem + container scan)
Semgrep (SAST)
20s
Semgrep (SAST)
PSScriptAnalyzer (Error severity gate)
37s
PSScriptAnalyzer (Error severity gate)
Gitleaks (secret scan)
6s
Gitleaks (secret scan)
jscpd (duplication < 3% on touched code)
14s
jscpd (duplication < 3% on touched code)
SBOM (SPDX + CycloneDX)
12s
SBOM (SPDX + CycloneDX)
Fit to window
Zoom out
Zoom in

Annotations

2 warnings
SBOM (SPDX + CycloneDX)
Node.js 20 is deprecated. The following actions target Node.js 20 but are being forced to run on Node.js 24: anchore/sbom-action@fc46e51fd3cb168ffb36c6d1915723c47db58abb. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
jscpd (duplication < 3% on touched code)
Node.js 20 is deprecated. The following actions target Node.js 20 but are being forced to run on Node.js 24: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/

Artifacts

Produced during runtime
Name Size Digest
sbom
4.01 KB
sha256:8ceb5ac31ca3448afe12a21cc5344a60dc5637316fea94f69dc6f3e886baed2b