feat: port codeiq from Java/Spring Boot to Go single-binary (Phases 1-4) #125
aksOpssecurity.yml
on: pull_request
OSV-Scanner (SCA)
8s
Trivy (filesystem + container scan)
13s
Semgrep (SAST)
37s
Gitleaks (secret scan)
11s
jscpd (duplication < 3% on touched code)
16s
SBOM (SPDX + CycloneDX)
21s
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
sbom
|
22.4 KB |
sha256:211c9d461f1cc48118fa99d0a8879fde37b4858d26b0ced85b0a283647771265
|
|