Curation of DevSecOps tools that all work together inside the minimum number of containers. Just run make exec and read the How To!
Updated Nov 11, 2024 - Dockerfile
Automated container image scanning pipeline using GitHub Actions and Trivy. Builds Docker images, enforces a High/Critical vulnerability gate, and generates HTML reports, SBOMs, and SAST findings. Demonstrates DevSecOps, supply chain security, and CI-based risk controls.
GitLab mirror of skillward-bundle — deterministic offline scanner image for skillward.