Skip to content

Commit

Permalink
ci: fix govulncheck workflow
Browse files Browse the repository at this point in the history
Signed-off-by: Francisco de Borja Aranda Castillejo <[email protected]>
  • Loading branch information
Francisco de Borja Aranda Castillejo committed Jul 23, 2024
1 parent 3106ecc commit 1fa4aac
Show file tree
Hide file tree
Showing 2 changed files with 36 additions and 28 deletions.
28 changes: 0 additions & 28 deletions .github/workflows/dependencies.yml

This file was deleted.

36 changes: 36 additions & 0 deletions .github/workflows/govulncheck.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
name: 'Go vulnerability check'

on:
push:
branches:
- main
pull_request:
branches:
- '*'
types:
- synchronize
- opened
- reopened
- ready_for_review

permissions:
contents: read

jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: Run govulncheck
id: govulncheck
uses: golang/govulncheck-action@v1
with:
check-latest: true
go-version-input: 1.22
go-package: ./...
output-format: sarif
output-file: govulncheck.sarif

- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: govulncheck.sarif

0 comments on commit 1fa4aac

Please sign in to comment.