feat: prod-readiness PR 4 of 5 — observability (request tracing + JSON logs + structured errors) #78
aksOpssecurity.yml
on: pull_request
OSV-Scanner (SCA)
5s
Trivy (filesystem + container scan)
37s
Semgrep (SAST)
49s
Gitleaks (secret scan)
12s
jscpd (duplication < 3% on touched code)
16s
SBOM (SPDX + CycloneDX)
14s
Artifacts
Produced during runtime
| Name | Size | Digest | |
|---|---|---|---|
|
sbom
|
31.9 KB |
sha256:e6eed69532fa9a32e7893394b6edb8348e79f7a06cac33c30ff1d11dc331c04a
|
|