feat: port codeiq from Java/Spring Boot to Go single-binary (Phases 1-4) #127
aksOpssecurity.yml
on: pull_request
OSV-Scanner (SCA)
5s
Trivy (filesystem + container scan)
18s
Semgrep (SAST)
38s
Gitleaks (secret scan)
14s
jscpd (duplication < 3% on touched code)
17s
SBOM (SPDX + CycloneDX)
18s
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
sbom
|
23 KB |
sha256:443b51a3ebb8e7cd700585f3fddf52a3a436f2929f1f50954591127f17f10dd4
|
|