feat: port codeiq from Java/Spring Boot to Go single-binary (Phases 1-4) #121
aksOpssecurity.yml
on: pull_request
OSV-Scanner (SCA)
10s
Trivy (filesystem + container scan)
18s
Semgrep (SAST)
40s
Gitleaks (secret scan)
12s
jscpd (duplication < 3% on touched code)
13s
SBOM (SPDX + CycloneDX)
19s
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
sbom
|
23.5 KB |
sha256:5a85ee56dfb4af2a98764037b235dd74ab5634c6d6503bafb9e1f2f123d6a96e
|
|