From b8944adb65a7d87e6379b592fd7f6134fddc62ae Mon Sep 17 00:00:00 2001 From: Alex Vanin Date: Tue, 6 Jun 2023 17:28:52 +0300 Subject: [PATCH] [#55] Add govulncheck in CI Check dependency issues on every PR. Signed-off-by: Alex Vanin --- .forgejo/workflows/vulncheck.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .forgejo/workflows/vulncheck.yml diff --git a/.forgejo/workflows/vulncheck.yml b/.forgejo/workflows/vulncheck.yml new file mode 100644 index 0000000..34692c9 --- /dev/null +++ b/.forgejo/workflows/vulncheck.yml @@ -0,0 +1,24 @@ +on: [pull_request] + +jobs: + vulncheck: + name: Vulncheck + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Sync tree service + run: make sync-tree + + - name: Setup Go + uses: actions/setup-go@v3 + with: + go-version: '1.20' + + - name: Install govulncheck + run: go install golang.org/x/vuln/cmd/govulncheck@latest + + - name: Run govulncheck + run: govulncheck ./...