From c75add64ec14a8dd2f71eace984c146b2bf847f7 Mon Sep 17 00:00:00 2001 From: Alex Vanin Date: Tue, 6 Jun 2023 18:00:31 +0300 Subject: [PATCH] [#124] Add govulncheck in CI Check dependency issues on every PR. Signed-off-by: Alex Vanin --- .forgejo/workflows/vulncheck.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .forgejo/workflows/vulncheck.yml diff --git a/.forgejo/workflows/vulncheck.yml b/.forgejo/workflows/vulncheck.yml new file mode 100644 index 00000000..34692c9a --- /dev/null +++ b/.forgejo/workflows/vulncheck.yml @@ -0,0 +1,24 @@ +on: [pull_request] + +jobs: + vulncheck: + name: Vulncheck + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Sync tree service + run: make sync-tree + + - name: Setup Go + uses: actions/setup-go@v3 + with: + go-version: '1.20' + + - name: Install govulncheck + run: go install golang.org/x/vuln/cmd/govulncheck@latest + + - name: Run govulncheck + run: govulncheck ./...