name: "donotpassgo"
description: "general go code checks"
runs:
  using: "composite"
  steps:
    - name: "install go packages"
      run: |
        go install golang.org/x/vuln/cmd/govulncheck@latest
        go install github.com/securego/gosec/v2/cmd/gosec@latest
      
    - name: "dependency scan"
      run: |
        govulncheck ./...
        gosec ./...