Claude
f326194de0
Remove Trivy vulnerability scanning from pipeline
Removed all Trivy-related security scanning:
- Removed "Extract first tag for Trivy" step
- Removed "Run Trivy vulnerability scanner" step
- Removed "Upload Trivy results to GitHub Security" step
- Removed "Run Trivy in table format" step
- Removed security-events permission (no longer needed)
Updated SECURITY.md:
- Removed Trivy vulnerability scanning references
- Removed SARIF upload references
- Kept other security measures intact
The workflow now focuses on:
- Fork PR protection
- SBOM generation
- Provenance attestation
- Dependabot updates
2025-11-04 21:52:02 +00:00
..
2021-05-18 20:44:06 +02:00
2025-11-04 21:52:02 +00:00
2025-11-04 21:29:01 +00:00