Skip to content

ci(security): enforce secret scan and remove temp CVE ignore#44

Closed
DivyamTalwar wants to merge 1 commit into
mainfrom
hotfix/launch-security-hardening-pr
Closed

ci(security): enforce secret scan and remove temp CVE ignore#44
DivyamTalwar wants to merge 1 commit into
mainfrom
hotfix/launch-security-hardening-pr

Conversation

@DivyamTalwar

Copy link
Copy Markdown
Owner

What changed

  • add a dedicated mandatory security secret-scan job using gitleaks
  • remove the temporary from pip-audit
  • keep existing dependency-review and codeql jobs intact

Why

  • blocks secret regressions on PR and push to main
  • avoids masking CVE findings in security audit pipeline

@DivyamTalwar

Copy link
Copy Markdown
Owner Author

Superseded by #45, same effective change on clean history branch. Keeping only #45 open.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant