mirror of
https://github.com/espressif/esp-idf
synced 2025-03-09 17:19:09 -04:00
5ec411679b
This adds a github action, which performs continuous vulnerability scanning using the esp-idf-sbom-action github action. The test is scheduled everyday at midnight and it's also possible to start it as dispatched workflow. This scans all possible manifest files in repository. The references for scanning are defined in github's VULNERABILITY_SCAN_REFS variable and a json list. For example ['master', 'release/v5.2', 'release/v5.1', 'release/v5.0', 'release/v4.4'] Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>