feat: add sourcecodepro package by default #53

	name: security

	on:
	push:
	branches: [main]
	paths: [Dockerfile]
	pull_request:
	branches: [main]
	paths: [Dockerfile]

	permissions:
	# required for all workflows
	security-events: write
	# only required for workflows in private repositories
	actions: read
	contents: read

	jobs:
	kics:
	runs-on: ubuntu-latest
	name: kics
	steps:
	- uses: actions/checkout@v4
	- name: Run KICS Scan with SARIF result
	uses: checkmarx/[email protected]
	with:
	path: 'Dockerfile'
	platform_type: Dockerfile
	fail_on: high
	output_formats: 'json,sarif'
	exclude_queries: b03a748a-542d-44f4-bb86-9199ab4fd2d5,fd54f200-402c-4333-a5a4-36ef6709af2f
	- name: Upload SARIF file
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: results.sarif

Provide feedback