feat(security): prod-readiness PR 1 of 5 — bearer auth, security headers, error envelope #69
aksOpssecurity.yml
on: pull_request
OSV-Scanner (SCA)
11s
Trivy (filesystem + container scan)
36s
Semgrep (SAST)
30s
Gitleaks (secret scan)
11s
jscpd (duplication < 3% on touched code)
15s
SBOM (SPDX + CycloneDX)
12s
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
sbom
|
30.6 KB |
sha256:5e239d326b5c99123beaa415374e09d6ecec2c9193078c1afad896a1b5d5754f
|
|