🛡️ Security automation w. Google OSV-Scanner CI/CD Action #126

@adriens

Description

❔ About

While reviewing the benefits of OSV, I found some issues that Trivy could not find:

... then I manually found them and built a report and a patch operation to fix them:

This also showed that we were not on the latest Go runtime.

👉 The point here is to automate this while continuing to improve the security of the code base.

🎯 Action

Implement the OSV-Scanner CI/CD Action:

  • A workflow that triggers a scan with each pull request and will only report new vulnerabilities introduced through the pull request.
  • A workflow that performs a full vulnerability scan, which can be configured to scan on pushes or a regular schedule.

📑 Resources
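The two workflows described in the Action section, written out as an added example; this is not part of the original issue and not a file from the OSV-Scanner project. It calls the reusable workflows published by google/osv-scanner-action (one for pull requests, one for full scans). The version tag `v1.9.2`, the branch name `main` and the cron schedule are assumptions to adapt to the repository.

```yaml
# Added example. Two separate files under .github/workflows/, shown here as
# one multi-document YAML. Tag, branch and cron are assumptions.

# --- .github/workflows/osv-scanner-pr.yml ---
# Runs on each pull request and reports only vulnerabilities that the PR
# introduces (the reusable workflow diffs the base and head lockfiles).
name: OSV-Scanner PR Scan
on:
  pull_request:
    branches: [main]          # assumption: default branch is "main"
  merge_group:
    branches: [main]
permissions:
  actions: read
  contents: read
  security-events: write      # required to upload SARIF results to code scanning
jobs:
  scan-pr:
    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@v1.9.2"  # assumption: current release tag

---
# --- .github/workflows/osv-scanner-scheduled.yml ---
# Full scan of the repository on every push to the default branch and on a
# schedule, so advisories published after a dependency was merged are caught.
name: OSV-Scanner Scheduled Scan
on:
  schedule:
    - cron: '12 12 * * 1'     # assumption: weekly, Monday 12:12 UTC
  push:
    branches: [main]          # assumption: default branch is "main"
  workflow_dispatch:          # allow manual runs from the Actions tab
permissions:
  actions: read
  contents: read
  security-events: write      # required to upload SARIF results to code scanning
jobs:
  scan-scheduled:
    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v1.9.2"  # assumption: current release tag
```

The PR workflow only answers "does this change add a vulnerability?", so the scheduled workflow is what catches a newly disclosed advisory against a dependency that has not changed, which is the situation described in the issue. Both files reference an external reusable workflow, so treat the `uses:` line as a supply-chain dependency in its own right: pin it to a release you have reviewed (or to a full commit SHA) and update it deliberately rather than tracking a floating major tag.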

Metadata

Assignees

Labels

  • RUN: all activity related to keeping the project in operational condition, bugs, ...
  • dependencies: Pull requests that update a dependency file
  • enhancement: New feature or request
  • github_actions: Pull requests that update GitHub Actions code
  • go: Pull requests that update Go code
  • persona:developer
  • productivity
  • released
  • released on @develop
  • security
  • succes-remarquable: Flag an issue or a PR as a notable success!

Status: Done

Milestone: No milestone

Relationships: None yet

Development: No branches or pull requests