Merge pull request #88 from pzaino/dependabot/github_actions/step-sec… #183

	name: Go-VulnCheck

	on:
	push:
	branches:
	- main
	pull_request:
	branches:
	- main

	permissions:
	contents: read

	jobs:
	osv-scanner:
	runs-on: ubuntu-latest

	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
	with:
	egress-policy: audit

	- name: Checkout repository
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

	- name: Set up Go
	uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
	with:
	go-version-file: go.mod

	- name: Clean Go environment and install dependencies
	run: \|
	go clean -cache -modcache -i -r
	go mod download
	go mod tidy

	- name: Build the project
	run: \|
	go build ./...
	go test ./...

	- name: Install govulncheck
	run: go install golang.org/x/vuln/cmd/govulncheck@latest

	- name: Download OSV-Scanner
	run: \|
	wget https://github.com/google/osv-scanner/releases/download/v1.8.1/osv-scanner_linux_amd64 -O osv-scanner
	chmod +x osv-scanner

	- name: Run govulncheck
	run: govulncheck ./...

Provide feedback