Update README.md

Add container image scanning and SBOM generation tasks to Taskfile
2025-12-29 20:13:27 -06:00 · 2025-12-29 20:13:19 -06:00
2 changed files with 15 additions and 1 deletions
--- a/README.md
+++ b/README.md
@@ -90,6 +90,8 @@ The project uses [Task](https://taskfile.dev/) for all development tasks.
 | podman-build  | Build Podman image                    |
 | podman-run    | Run Podman container                  |
 | podman        | Build and run Podman container        |
+| scan          | Scan container image with trivy       |
+| sbom          | Generate SBOM with trivy              |
 | version:minor | Bump version minor                    |
 | version:major | Bump version major                    |
 | setup         | Setup development environment         |
--- a/Taskfile.yml
+++ b/Taskfile.yml
@@ -25,7 +25,7 @@ tasks:
  publish:
    desc: Publish to npm registry
    cmds:
-      - pnpm publish
+      - pnpm publish --no-git-checks

  preview:
    desc: Preview production build
@@ -80,6 +80,18 @@ tasks:
    desc: Build and run Podman container
    deps: [podman-build, podman-run]

+  scan:
+    desc: Scan container image with trivy
+    cmds:
+      - trivy image --scanners vuln surveilled
+
+  sbom:
+    desc: Generate SBOM with trivy
+    cmds:
+      - mkdir -p sbom
+      - trivy fs --format spdx-json --include-dev-deps --output sbom/sbom.spdx.json .
+      - trivy fs --format cyclonedx --include-dev-deps --output sbom/sbom.cyclonedx.json .
+
  setup:
    desc: Setup development environment
    cmds:
Author	SHA1	Message	Date
Sudo-Ivan	1e694fcbf0	Update README.md All checks were successful OSV-Scanner Scheduled Scan / scan-scheduled (push) Successful in 10s Details CI / check (push) Successful in 9m26s Details CI / build (push) Successful in 9m36s Details	2025-12-29 20:13:27 -06:00
Sudo-Ivan	077dbf95c2	Add container image scanning and SBOM generation tasks to Taskfile	2025-12-29 20:13:19 -06:00