16 lines
368 B
YAML
16 lines
368 B
YAML
name: "donotpassgo"
|
|
description: "general go code checks"
|
|
runs:
|
|
using: "composite"
|
|
steps:
|
|
- name: "install go packages"
|
|
run: |
|
|
go install golang.org/x/vuln/cmd/govulncheck@latest
|
|
|
|
- name: "dependency scan"
|
|
run: govulncheck ./...
|
|
|
|
- name: "static code analysis"
|
|
uses: securego/gosec@master
|
|
with:
|
|
args: ./... |