Skip to content

Commit aaf49eb

Browse files
beepboopworldbeepboopworld
committed
Add Trivy dependency scan to CI
1 parent a636360 commit aaf49eb

2 files changed

Lines changed: 2 additions & 30 deletions

File tree

README.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,8 +14,9 @@ A minimal REST API written in Go to demonstrate secure development practices and
1414
- Use logging cautiously to prevent data leaks.
1515
- CI integration makes security part of the developer workflow.
1616
- Security scan (gosec) initially flagged missing error handling and server timeouts, which were remediated. Current scan reports zero issues.
17+
- Added Trivy dependency scanning alongside static analysis to simulate supply-chain and SCA checks in CI.
1718

1819
## Next Steps
1920
- Add JMT auth example.
20-
- Integrate Vault for secret injection
21+
- Integrate Vault for secret injection.
2122
- Add Dockerfile and container scan.

security-scan.yml

Lines changed: 0 additions & 29 deletions
This file was deleted.

0 commit comments

Comments
 (0)