bolt-diy/.github/workflows/security.yaml
Stijnus b88eb6ee15 Fix security workflow to generate reports locally instead of uploading to GitHub Security (#1950)
- Changed security-events permission from write to read
- Disabled automatic SARIF upload in CodeQL analysis
- Removed Trivy SARIF upload step that was causing permission errors
- Added artifact uploads for all security scan results (CodeQL, Trivy secrets, SBOM)
- Reports are now available for download as workflow artifacts for local review
2025-08-31 14:28:13 +02:00

2.8 KiB