Also includes configuration change that introduces informative and normative vulnerability scans in CI