fix(release): cosign v4 bundle format (#136) #146
aksOpssecurity.yml
on: push
OSV-Scanner (SCA)
5s
Trivy (filesystem + container scan)
10s
Semgrep (SAST)
23s
Gitleaks (secret scan)
13s
jscpd (duplication < 3% on touched code)
12s
SBOM (SPDX + CycloneDX)
18s
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
sbom
|
12.4 KB |
sha256:ffb16dd10ef7b6ea0849f449f2f5480299255051ef24ef7f0802bc2ebca26bb2
|
|