2025-05-10 01:26:25 -04:00
|
|
|
# donotpassgo
|
2025-05-17 01:34:28 -04:00
|
|
|
A composite workflow that runs security checks on Go projects. Golang must be installed before this workflow can run.
|
2025-05-10 14:39:30 -04:00
|
|
|
|
|
|
|
|
## Steps
|
|
|
|
|
### govulncheck
|
2025-05-17 01:32:56 -04:00
|
|
|
govulncheck is installed using 'go install' and is used to scan the application dependencies and standard library.
|
2025-05-10 14:39:30 -04:00
|
|
|
|
|
|
|
|
### gosec
|
|
|
|
|
gosec is used for static code analysis.
|
2025-05-11 00:38:58 -04:00
|
|
|
|
|
|
|
|
## TODO
|
|
|
|
|
1. Add support for unit tests
|
|
|
|
|
2. Add ginkgo/gomega support
|
