Skip to content

Add Improved security-workflow #752

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add Improved security-workflow #752

wants to merge 1 commit into from

Conversation

@JLESUS
Copy link

@JLESUS JLESUS commented Sep 15, 2025

Summary

Needed for PCI to ensure every PCI repo that uses or touches PCI components needs to have SAST and SCA scanning. These changes put dependency review and CodeQL into one single workflow.

Checklist

  • Added a changelog entry

@github-actions
Copy link

github-actions bot commented Sep 15, 2025
edited
Loading

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
See the Details below.

Scanned Files

  • .github/workflows/security.dependency-review.yml
  • .github/workflows/security.yml

@JLESUS JLESUS closed this Sep 15, 2025
@JLESUS JLESUS reopened this Sep 15, 2025
@JLESUS JLESUS requested a review from jplukarski September 15, 2025 20:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jplukarski jplukarski Awaiting requested review from jplukarski

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@JLESUS