Merge pull request #583 from raghavyuva/parallel-build-manager-workflow #703

	# Workflow: Security Scan
	# Description: Runs Trivy and TruffleHog to detect vulnerabilities and secrets
	# Why: Proactively ensures security

	name: Security Scan

	on:
	schedule:
	- cron: '0 0 * * 0' # Weekly
	push:
	branches:
	- master
	- feat/develop
	workflow_dispatch:

	jobs:
	dependency-scan:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v6

	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@master
	env:
	TRIVY_DISABLE_VEX_NOTICE: "1"
	with:
	scan-type: 'fs'
	scan-ref: '.'
	format: 'table'
	exit-code: '1'
	ignore-unfixed: true
	severity: 'CRITICAL,HIGH'

	secret-scan:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v6

	- name: Run TruffleHog
	uses: trufflesecurity/trufflehog@main
	with:
	args: --regex --entropy=False

Provide feedback