Skip to content

Commit

Permalink
ci: fix govulncheck workflow
Browse files Browse the repository at this point in the history
Signed-off-by: Francisco de Borja Aranda Castillejo <borja@zetachain.com>
  • Loading branch information
fbac committed Jul 23, 2024
1 parent 3106ecc commit e6e9414
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 28 deletions.
28 changes: 0 additions & 28 deletions .github/workflows/dependencies.yml

This file was deleted.

31 changes: 31 additions & 0 deletions .github/workflows/govulncheck.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
name: 'Go vulnerability check'

on:
push:
branches:
- main
pull_request:
branches:
- '*'

permissions:
contents: read

jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: Run govulncheck
id: govulncheck
uses: golang/govulncheck-action@v1
with:
check-latest: true
go-version-input: 1.22
go-package: ./...
output-format: sarif
output-file: govulncheck.sarif

- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: govulncheck.sarif

0 comments on commit e6e9414

Please sign in to comment.