Release/12.4.0.4 #1386

	name: Trivy Scanner

	on:
	pull_request:
	push:
	branches:
	- develop
	schedule:
	- cron: "0 21 * * 0"

	permissions:
	contents: read
	security-events: write

	jobs:
	dotnet:
	name: .NET Analysis
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- uses: actions/setup-dotnet@v4
	with:
	dotnet-version: "8.0.x"

	- name: dotnet backend
	run: dotnet build CSETWebApi/CSETWeb_Api/CSETWeb_Api.sln

	- name: Run vulnerability scanner
	uses: aquasecurity/[email protected]
	with:
	format: sarif
	output: trivy-dotnet-results.sarif
	scan-type: fs
	scan-ref: ./CSETWebApi
	scanners: vuln
	severity: CRITICAL,HIGH


	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: 'trivy-dotnet-results.sarif'

	nodejs:
	name: Node.js Analysis
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Run vulnerability scanner
	uses: aquasecurity/[email protected]
	with:
	format: sarif
	output: trivy-nodejs-results.sarif
	scan-type: fs
	scan-ref: ./CSETWebNg
	severity: CRITICAL,HIGH

	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: 'trivy-nodejs-results.sarif'

Provide feedback