Version updated for https://github.com/nelssec/qualys-code-scan to version v1. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The Qualys Code Scan GitHub Action automates the process of scanning code repositories for vulnerabilities, detecting secrets, and generating software bills of materials (SBOMs). It integrates with the GitHub Security tab, creates issues for identified vulnerabilities, and supports flexible pass/fail criteria using thresholds or Qualys cloud policies.

Version updated for https://github.com/nelssec/qualys-container-scan to version v1. This action is used across all versions by ? repositories. Go to the GitHub Marketplace to find the latest changes. Action Summary The Qualys Container Scan GitHub Action automates the scanning of Docker/OCI container images for security vulnerabilities and secrets within container layers using Qualys Container Security. It integrates with GitHub’s Security tab for SARIF report uploads, enables automatic creation of GitHub issues for detected vulnerabilities, and supports configurable pass/fail criteria based on thresholds or Qualys cloud policies.