Conversation

@vaibhavbhalla2505
Contributor

@vaibhavbhalla2505 vaibhavbhalla2505 commented Dec 18, 2025

Description

add trivy scan

Fixes #101

Type of change

Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Intermediate change (work in progress)

Checklist:

  • Performed a self-review of my own code
  • npm test passes on your machine
  • New tests added or existing tests modified to cover all changes
  • Code conforms with the style guide
  • API Documentation in code was updated
  • Any dependent changes have been merged and published in downstream modules

@sonarqubecloud

SonarQube reviewer guide

Summary: Add Trivy security scanning workflow and dependency updates including validator, node-forge, jws, and glob packages.

Review Focus:

  • The Trivy configuration in trivy.yml which scans for HIGH/CRITICAL vulnerabilities and secrets
  • Dependency version updates throughout package-lock.json, particularly security-related packages
  • Workflow trigger configuration to run on PRs to master branch

Start review at: .github/workflows/trivy.yaml. This is the core addition that introduces automated security scanning to the CI/CD pipeline and should be validated first to ensure proper configuration for vulnerability detection.


Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud
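The reviewer guide above describes the workflow's intent (a Trivy scan for HIGH/CRITICAL vulnerabilities and secrets, triggered on pull requests to master) but the PR page shows no file contents. The following is an added illustration of what such a workflow typically looks like using the public aquasecurity/trivy-action; it is not the file from this PR, and the action version, job name and input values are assumptions.

```yaml
# Example only: a filesystem scan of the repository on pull requests to master.
# Not the PR's own .github/workflows file; action version and inputs are assumed.
name: trivy

on:
  pull_request:
    branches: [master]

# Least privilege: the scan only needs to read the checked-out repository.
permissions:
  contents: read

jobs:
  trivy-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Run Trivy against the repository filesystem
        uses: aquasecurity/trivy-action@0.28.0   # pinned version is an assumption
        with:
          scan-type: 'fs'
          scan-ref: '.'
          # Vulnerability and secret scanners, matching the review focus.
          scanners: 'vuln,secret'
          # Fail the check only on the severities the review guide names.
          severity: 'HIGH,CRITICAL'
          # Skip findings with no fix available so the gate stays actionable.
          ignore-unfixed: true
          # Non-zero exit turns findings into a failing PR check.
          exit-code: '1'
          format: 'table'
```

A practitioner validating the real workflow would confirm the same three points the guide lists: the severity filter, that `secret` is among the enabled scanners, and that the `pull_request` trigger targets `master`.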

@yeshamavani yeshamavani merged commit 500fa5d into master Dec 18, 2025
7 checks passed
@yeshamavani
Contributor

🎉 This PR is included in version 5.0.0 🎉

The release is available on:

Your semantic-release bot 📦🚀
