
[MEDIUM] No security scanning in CI (SAST/dependency/container) #232

@ibuyspy

No matches for `codeql`, `dependency-review`, `trivy`, `tfsec`, `checkov`, or `npm audit` in any workflow.

Fix: Add security scan stage(s): dependency audit + CodeQL + container scan + IaC scan.
Source: DevOps audit
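The audit check quoted in the issue can be reproduced with a short script. This is an added example, not part of the issue or of the repository's code; the function name `missing_scanners` is an assumption, and a name match only shows that a workflow references the scanner, not that the scan runs or gates a merge.

```shell
#!/bin/sh
# Added example: list which of the six scanners named in the issue are not
# referenced by any workflow file in a directory.

# missing_scanners DIR
# Prints a comma-separated list of scanner names with no match in DIR's
# *.yml / *.yaml files. A missing or empty directory reports all six.
missing_scanners() {
  dir="$1"
  missing=""
  while IFS= read -r name; do
    found=0
    if [ -d "$dir" ]; then
      # Drop full-line YAML comments so a commented-out step does not count
      # as coverage, then do a fixed-string, case-insensitive match.
      if find "$dir" -type f \( -name '*.yml' -o -name '*.yaml' \) \
           -exec cat {} + 2>/dev/null \
         | grep -v '^[[:space:]]*#' \
         | grep -qiF -- "$name"; then
        found=1
      fi
    fi
    [ "$found" -eq 1 ] || missing="${missing:+$missing,}$name"
  done <<EOF
codeql
dependency-review
trivy
tfsec
checkov
npm audit
EOF
  printf '%s\n' "$missing"
}

# Stand-alone use: check the given directory, or the standard GitHub Actions
# workflow location when no argument is passed.
missing_scanners "${1:-.github/workflows}"
```

An empty output line means every scanner name was found at least once.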

Labels: devops (DevOps and CI/CD), security (Security-related finding)
