name: "test scans"
on: push #runs on pushes to any branch

jobs:
  scans:
    runs-on: smoke-test
    steps:
      - name: "clone code"
        uses: actions/checkout@v4

      - name: "dependency and stdlib scan"
        uses: golang/govulncheck-action@v1
    
      - name: "static code analysis"
        uses: securego/gosec@v2.22.3
        with:
          args: ./...