Merge branch 'main' of github.com:DefGuard/defguard.github.io

Michał Gryczka · Michał Gryczka · commit 814cf0c416ed · 2025-10-03T09:21:09.000+02:00
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -6,6 +6,7 @@ on:
       - main
   schedule:
     - cron: '30 3 * * *' # 3:30 AM UTC (SBOMs regenerate at 2:30 AM UTC)
+  workflow_dispatch:
 
 # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
 permissions:
diff --git a/src/pages/sbom.astro b/src/pages/sbom.astro
@@ -155,11 +155,12 @@ const tags = [
       <div slot="left" class="sbom-filelist">
         <p>
           Separate SBOMs are available for <strong>mobile apps</strong> (Android, iOS), the <strong>desktop app</strong>
-          (Windows, macOS, Linux), and <strong>server components</strong> (Core, Proxy, Gateway). Each SBOM is updated <strong>every day</strong> and provided in the standard
-          <strong>SPDX</strong> format, enabling integration with tools like Trivy or Syft.
+          (Windows, macOS, Linux), and <strong>server components</strong> (Core, Proxy, Gateway). 
+          Alongside each SBOM, <strong>advisories files</strong> are also published to summarize known vulnerabilities in detail. 
         </p>
         <p>
-          Alongside each SBOM, <strong>advisories files</strong> are also published to summarize known vulnerabilities in detail. 
+          We use <a href="https://trivy.dev/" target="_blank">Trivy</a> to generate SBOM files and scan for vulnerabilities in our dependencies.
+          Each SBOM is updated <strong>every day</strong> in <a target="_blank" href="https://github.com/DefGuard/defguard/blob/main/.github/workflows/sbom.yml">our CI/CD pipeline</a> and provided in the standard <a href="https://spdx.dev/" target="_blank">SPDX</a> format.
         </p>
         <div class="content-measure">
           <table class="sbom-table" role="table" aria-label="SBOM list with vulnerability status">
