Security Scanning

Code Scanning

The frontend and backend code is scanned for vulnerabilities using CodeQL. The scanning results are available in the GitHub Security tab.

All containers are scanned in the pipeline automatically.

Secret Scanning

Secrets are scanned automatically by GitHub.

Container Scanning

The built Docker images are scanned for high and critical vulnerabilities using Trivy.
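
One way a pipeline step could act on the high and critical findings, shown as an added example rather than this project's own pipeline code. It assumes the scan was run with `trivy image --format json`; the embedded report, its image name and its vulnerability IDs are constructed placeholders, and `blocking_findings` and `gate` are hypothetical names.

```python
import json

BLOCKING = {"HIGH", "CRITICAL"}  # the severities this page says images are scanned for

# Constructed sample in the shape of a `trivy image --format json` report.
SAMPLE_REPORT = json.dumps({
    "ArtifactName": "example/backend:latest",
    "Results": [
        {"Target": "example/backend:latest (debian)", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample",
             "InstalledVersion": "1.0", "FixedVersion": "1.1", "Severity": "CRITICAL"},
            {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libother",
             "InstalledVersion": "2.3", "Severity": "MEDIUM"},
        ]},
        # Targets without findings may carry a null or missing list (handled below).
        {"Target": "app/package-lock.json", "Vulnerabilities": None},
        {"Target": "usr/bin/tool"},
        {"Target": "app/requirements.txt", "Vulnerabilities": [
            {"VulnerabilityID": "CVE-0000-0003", "PkgName": "examplelib",
             "InstalledVersion": "0.9", "FixedVersion": "", "Severity": "HIGH"},
        ]},
    ],
})


def blocking_findings(report_json, severities=BLOCKING):
    """Return (target, id, package, severity, fixed_version) per blocking finding."""
    report = json.loads(report_json)
    found = []
    for result in report.get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            severity = str(vuln.get("Severity", "UNKNOWN")).upper()
            if severity in severities:
                found.append((result.get("Target", "?"), vuln.get("VulnerabilityID", "?"),
                              vuln.get("PkgName", "?"), severity,
                              vuln.get("FixedVersion") or None))
    return found


def gate(report_json):
    """Exit status for a pipeline step: 1 if any blocking finding exists, else 0."""
    findings = blocking_findings(report_json)
    for target, vuln_id, pkg, severity, fixed in findings:
        print(f"{severity:8} {vuln_id} {pkg} in {target} (fix: {fixed or 'none yet'})")
    return 1 if findings else 0


if __name__ == "__main__":
    raise SystemExit(gate(SAMPLE_REPORT))
```

Reporting the fixed version alongside each finding separates issues that a base-image or dependency bump resolves from those with no fix available yet.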