Add scheduled security scan workflow

MrSphay
2026-05-03 22:01:41 +02:00
parent a218e338bd
commit 6308417945
8 changed files with 241 additions and 1 deletions

@@ -50,6 +50,7 @@ files/release-notes.md -> docs/release-notes.md
files/blueprint.md -> blueprint.md
files/blueprint.json -> blueprint.json
files/build-gitea.yml -> .gitea/workflows/build.yml
files/security-scan-gitea.yml -> .gitea/workflows/security-scan.yml
```
Skip `build-gitea.yml` when the project has no CI target yet. Skip README blueprint files when the project should keep a very small manual README.
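Review bot: The skip guidance right after the file map still covers only `build-gitea.yml` and the README blueprint files, so the new `files/security-scan-gitea.yml -> .gitea/workflows/security-scan.yml` entry has no matching rule saying when to leave it out. Anyone following the map alone will copy the scan workflow into every project, while the later hunk limits it to releasable projects and repositories that handle user data, secrets, or deployment files. Add a sentence here such as "Skip `security-scan-gitea.yml` when none of the conditions in the CI step apply", or point to that step, so the two places cannot drift apart.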
@@ -156,6 +157,8 @@ upload artifacts
Only publish artifacts to a package registry when the artifact names and credentials are known.
For releasable projects, config tools, apps, or repositories that process user data, secrets, or deployment files, also add `.gitea/workflows/security-scan.yml`. Keep the scheduled workflow conservative and review false positives before silencing checks.
### 7. Finish
Before final response:
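Review bot: "Keep the scheduled workflow conservative and review false positives before silencing checks" in the added paragraph gives no criteria a reader can act on. State what conservative means for this workflow (for example the schedule interval, that it only reads the repository, and that it needs none of the registry credentials mentioned in the sentence above it), and say where a silenced check must be recorded and justified so a suppression is reviewable later. The trigger list "releasable projects, config tools, apps, or repositories that process user data, secrets, or deployment files" is also broad enough to match almost any repository; consider stating it as the default with explicit exceptions. Finally, the paragraph sits in the artifact upload step directly after the package registry sentence, so a short lead-in or its own sub-step would keep scanning guidance from reading as part of publishing.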