GitHub Actions
e643a60c32
fix: remediate supply chain vulnerabilities and implement no-cache builds
## Summary
Addresses 8 Medium severity vulnerabilities identified in supply chain scan
for PR #461. Implements no-cache Docker builds to prevent layer caching
issues and remediates golang.org/x/crypto vulnerabilities via replace
directive.
## Changes
### Security Fixes
- Add go.mod replace directive forcing golang.org/x/crypto v0.42.0 -> v0.45.0
- Addresses GHSA-j5w8-q4qc-rx2x (SSH connection handling)
- Addresses GHSA-f6x5-jh6r-wrfv (SSH key parsing)
- Transitive dependency from go-playground/validator/v10@v10.28.0
- Tested with backend unit tests - all passing
### Docker Build Improvements
- Add no-cache: true to docker-build.yml main build step
- Add --no-cache flag to PR-specific builds (trivy-pr-app-only)
- Add --no-cache flag to waf-integration.yml builds
- Remove GitHub Actions cache configuration (cache-from, cache-to)
- Ensures clean builds with accurate vulnerability
2026-01-11 20:56:44 +00:00
..
2026-01-04 20:04:22 +00:00
2026-01-07 02:54:01 +00:00
2026-01-07 02:54:01 +00:00
2026-01-10 03:39:25 +00:00
2026-01-11 20:13:15 +00:00
2026-01-11 05:33:23 +00:00
2026-01-11 19:33:25 +00:00
2026-01-11 19:33:25 +00:00
2026-01-11 20:56:44 +00:00
2026-01-07 04:36:37 +00:00
2025-12-21 04:08:42 +00:00
2025-12-20 20:37:16 +00:00
2025-12-23 15:09:22 +00:00
2026-01-11 04:27:26 +00:00
2026-01-11 04:27:26 +00:00
2026-01-11 04:27:26 +00:00
2025-12-21 04:08:42 +00:00
2025-12-23 01:59:21 +00:00
2025-12-21 04:08:42 +00:00
2025-12-21 04:08:42 +00:00
2025-12-21 04:08:42 +00:00
2025-12-24 20:34:38 +00:00
2025-12-23 01:59:21 +00:00
2026-01-11 04:27:26 +00:00
2025-12-21 04:08:42 +00:00
2025-12-21 04:08:42 +00:00
2025-12-21 04:08:42 +00:00
2025-12-21 04:08:42 +00:00
2025-12-23 01:59:21 +00:00
2025-12-21 04:08:42 +00:00
2025-12-23 01:23:54 -05:00
2025-12-24 20:34:38 +00:00
2026-01-10 03:33:38 +00:00
2026-01-11 20:13:15 +00:00