Update .gitea/workflows/security.yaml (#7)
All checks were successful
code scans / scans (push) Successful in 1m15s
All checks were successful
code scans / scans (push) Successful in 1m15s
Reviewed-on: #7
This commit is contained in:
parent
26c50085d6
commit
386a766185
@ -3,23 +3,9 @@ on: [push, pull_request] #runs on pushes to any branch
|
|||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
scans:
|
scans:
|
||||||
runs-on: smoke-test
|
runs-on: test
|
||||||
steps:
|
steps:
|
||||||
- name: "clone code"
|
- uses: actions/checkout@v4
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
- name: "install go"
|
- name: "dependency scan and static code analysis"
|
||||||
uses: https://code.jakeyoungdev.com/actions/install-go@v0.1.3
|
uses: https://code.jakeyoungdev.com/actions/donotpassgo@v1.0.0
|
||||||
with:
|
|
||||||
commands: |
|
|
||||||
golang.org/x/vuln/cmd/govulncheck@latest
|
|
||||||
|
|
||||||
- name: "dependency and stdlib scan"
|
|
||||||
uses: https://code.jakeyoungdev.com/actions/report-vulns@master
|
|
||||||
with:
|
|
||||||
manager: go
|
|
||||||
|
|
||||||
- name: "static code analysis"
|
|
||||||
uses: securego/gosec@master
|
|
||||||
with:
|
|
||||||
args: ./...
|
|
||||||
Loading…
x
Reference in New Issue
Block a user