This PR contains additions related to security tools/procedures that we need to implement:
Added CODEOWNERS file. Combined with the branch protection policy that will soon be implemented, this will make sure that code can be pushed to "main" branch of EUDIW repositories only after it is approved by 2 senior stakeholders (that belong to 'niscy-admin' team.
Added the latest updates on sonar.yml workflow. This workflow is designed to trigger SAST appropriately, according to the event type that initiated it.
Added gitleaks workflow to identify sensitive info inside the repository (hardcoded passwords/tokens etc)
Added gitleaks.toml (practically this is the 'rules' list that gitleaks uses to fulfill its purpose
Added dependencycheck workflow to check for vulnerabilities in 3rd party components (sometimes dependabot can miss certain dependencies so we add this for coverage also -between everything else-
This PR contains additions related to security tools/procedures that we need to implement:
Added CODEOWNERS file. Combined with the branch protection policy that will soon be implemented, this will make sure that code can be pushed to "main" branch of EUDIW repositories only after it is approved by 2 senior stakeholders (that belong to 'niscy-admin' team.
Added the latest updates on sonar.yml workflow. This workflow is designed to trigger SAST appropriately, according to the event type that initiated it.
Added gitleaks workflow to identify sensitive info inside the repository (hardcoded passwords/tokens etc)
Added gitleaks.toml (practically this is the 'rules' list that gitleaks uses to fulfill its purpose
Added dependencycheck workflow to check for vulnerabilities in 3rd party components (sometimes dependabot can miss certain dependencies so we add this for coverage also -between everything else-