Vulnerability scanning is done with Trivy as part of the _app-build-and-push.yml pipeline (step "Run Trivy vulnerability scanner").
Trivy detects vulnerabilities in OS packages (Alpine, RHEL, CentOS, etc.) and in language-specific packages.

After the Docker image is built, it is scanned for vulnerabilities in the base image and in the Java dependencies. The results are available in the GitHub Actions console as two tables (Base image and Java (jar)).
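The two console tables are Trivy's per-target output: one target for the base image's OS packages and one for the Java jars. The following example is added here and is not part of the project's pipeline; it shows how the same grouping, plus a severity gate equivalent to Trivy's --severity/--exit-code/--ignore-unfixed options, can be reproduced from a Trivy JSON report (as produced by trivy image --format json). The report embedded in the script is constructed for the example, with placeholder package names and CVE ids, and the function names are the example's own.

```python
"""Summarize a Trivy JSON report into the same per-target tables the CI
console shows, and apply a severity gate.

Added example, not the project's pipeline code. It assumes the report was
produced with `trivy image --format json`. The embedded sample report is
constructed; its package names and CVE ids are placeholders, not real findings.
"""
import json
from collections import Counter

SEVERITY_ORDER = ["UNKNOWN", "LOW", "MEDIUM", "HIGH", "CRITICAL"]

# Constructed sample: one os-pkgs target (the base image) and one jar target.
SAMPLE_REPORT = json.dumps({
    "SchemaVersion": 2,
    "ArtifactName": "registry.example/app:1.2.3",
    "ArtifactType": "container_image",
    "Results": [
        {
            "Target": "registry.example/app:1.2.3 (alpine 3.18.4)",
            "Class": "os-pkgs",
            "Type": "alpine",
            "Vulnerabilities": [
                {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample",
                 "InstalledVersion": "1.0.0-r0", "FixedVersion": "1.0.1-r0",
                 "Severity": "HIGH"},
                {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libother",
                 "InstalledVersion": "2.3.0-r1", "Severity": "LOW"},  # no fix yet
            ],
        },
        {
            "Target": "Java",
            "Class": "lang-pkgs",
            "Type": "jar",
            "Vulnerabilities": [
                {"VulnerabilityID": "CVE-0000-0003", "PkgName": "com.example:lib",
                 "InstalledVersion": "4.1.0", "FixedVersion": "4.1.1",
                 "Severity": "CRITICAL"},
            ],
        },
        # A target without findings: Trivy omits the Vulnerabilities key.
        {"Target": "app/pom.xml", "Class": "lang-pkgs", "Type": "pom"},
    ],
})

# Constructed sample with a single unfixed LOW finding, to show the gate.
SAMPLE_UNFIXED_LOW_REPORT = json.dumps({
    "SchemaVersion": 2,
    "Results": [{
        "Target": "registry.example/app:1.2.3 (alpine 3.18.4)",
        "Class": "os-pkgs", "Type": "alpine",
        "Vulnerabilities": [{"VulnerabilityID": "CVE-0000-0004", "PkgName": "libother",
                             "InstalledVersion": "2.3.0-r1", "Severity": "LOW"}],
    }],
})


def table_name(result):
    """Map a Trivy result to the console table it belongs to."""
    if result.get("Class") == "os-pkgs":
        return "Base image"
    return f"{result.get('Target')} ({result.get('Type')})"  # e.g. "Java (jar)"


def summarize(report_json):
    """Return {table: {"total": n, "fixable": n, "by_severity": Counter}}."""
    summary = {}
    for result in json.loads(report_json).get("Results", []):
        vulns = result.get("Vulnerabilities") or []
        if not vulns:
            continue  # clean targets do not get a table
        entry = summary.setdefault(
            table_name(result), {"total": 0, "fixable": 0, "by_severity": Counter()})
        for v in vulns:
            entry["total"] += 1
            if v.get("FixedVersion"):
                entry["fixable"] += 1
            entry["by_severity"][v.get("Severity", "UNKNOWN")] += 1
    return summary


def exceeds_threshold(report_json, min_severity="HIGH", ignore_unfixed=True):
    """True if any finding is at or above min_severity; with ignore_unfixed,
    findings that have no FixedVersion are skipped (like --ignore-unfixed)."""
    floor = SEVERITY_ORDER.index(min_severity)
    for result in json.loads(report_json).get("Results", []):
        for v in result.get("Vulnerabilities") or []:
            if ignore_unfixed and not v.get("FixedVersion"):
                continue
            if SEVERITY_ORDER.index(v.get("Severity", "UNKNOWN")) >= floor:
                return True
    return False


if __name__ == "__main__":
    for table, entry in summarize(SAMPLE_REPORT).items():
        sev = ", ".join(f"{s}: {entry['by_severity'][s]}"
                        for s in reversed(SEVERITY_ORDER) if entry["by_severity"][s])
        print(f"{table}: total={entry['total']} fixable={entry['fixable']} ({sev})")
    print("gate:", "FAIL" if exceeds_threshold(SAMPLE_REPORT) else "PASS")
```

Run it against a real report with trivy image --format json -o trivy.json IMAGE and pass the file contents to summarize(); the gate function is the place to encode the policy the pipeline enforces (for example fail on HIGH and CRITICAL only when a fixed version exists, so the build is not blocked by findings nobody can act on yet).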