ci(auth): add Grype scan step; document provenance/sbom OCI referrer limitation (CAR-1446) #52

Merged
Barcode Betty merged 1 commit from betty/car-1446-sbom-provenance-scan into dev 2026-06-23 02:41:18 +00:00

1 Commits

Author SHA1 Message Date
Barcode Betty 30fa99a717 ci(auth): add Grype scan step; document provenance/sbom OCI referrer limitation (CAR-1446)
CI / build-and-push (pull_request) Has been skipped
CI / deploy-dev (pull_request) Has been skipped
CI / deploy-uat (pull_request) Has been skipped
- Insert anchore/scan-action@v5 step between Build and Push
- severity-cutoff: high, only-fixed: true (matches monorepo pattern)
- Add inline comment on provenance:false/sbom:false explaining OCI distribution
  spec >=1.1 limitation on git.farh.net registry

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-06-23 02:39:55 +00:00
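The layout the commit message describes, as an added illustration rather than the PR's own workflow file: a single build-and-push job in the Gitea/GitHub Actions syntax this CI uses, with the Grype gate sitting between Build and Push. The image path, secret names, action versions and the load-then-push approach are assumptions; the scan settings and the provenance/sbom comment follow the commit.

```yaml
# Added example, not the repository's actual .gitea/workflows file.
name: CI
on:
  pull_request:
  push:
    branches: [dev]

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    env:
      # Placeholder image path; the real one lives in the repo's workflow.
      IMAGE: git.farh.net/example-org/auth:${{ github.sha }}
    steps:
      - uses: actions/checkout@v4
      - uses: docker/setup-buildx-action@v3
      - uses: docker/login-action@v3
        with:
          registry: git.farh.net
          username: ${{ secrets.REGISTRY_USER }}      # assumed secret names
          password: ${{ secrets.REGISTRY_TOKEN }}

      # Build only: load the image into the local daemon so it can be scanned
      # before anything is written to the registry (load: true implies a
      # single-platform build).
      - name: Build
        uses: docker/build-push-action@v6
        with:
          context: .
          load: true
          push: false
          tags: ${{ env.IMAGE }}
          # Attestations are disabled: per the commit, publishing them needs
          # OCI distribution spec >=1.1 support, which the git.farh.net
          # registry does not provide.
          provenance: false
          sbom: false

      # Gate: fail on HIGH/CRITICAL findings that already have a fix
      # (only-fixed skips findings with no patched version yet).
      - name: Scan
        uses: anchore/scan-action@v5
        with:
          image: ${{ env.IMAGE }}
          fail-build: true
          severity-cutoff: high
          only-fixed: true

      # Push the already-built and scanned tag; nothing is rebuilt here.
      - name: Push
        run: docker push "$IMAGE"
```

Because the job fails at the Scan step, a vulnerable image never reaches the registry, which is the property the step ordering buys over a post-push scan.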