DROP: TEMP #1
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright 2023 Democratized Data Foundation | |
| # | |
| # Use of this software is governed by the Business Source License | |
| # included in the file licenses/BSL.txt. | |
| # | |
| # As of the Change Date specified in that file, in accordance with | |
| # the Business Source License, use of this software will be governed | |
| # by the Apache License, Version 2.0, included in the file | |
| # licenses/APL.txt. | |
| name: Check Vulnerabilities Workflow | |
| on: | |
| pull_request: | |
| branches: | |
| - master | |
| - develop | |
| push: | |
| tags: | |
| - 'v[0-9]+.[0-9]+.[0-9]+' | |
| branches: | |
| - master | |
| - develop | |
| - "**" | |
| jobs: | |
| check-vulnerabilities: | |
| name: Check vulnerabilities job | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code into the directory | |
| uses: actions/checkout@v4 | |
| - name: Setup Go environment explicitly | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: 'go.mod' | |
| check-latest: true | |
| cache: false | |
| - name: Install govulncheck | |
| run: make deps:vulncheck | |
| - name: Run govulncheck scan | |
| run: govulncheck -C . -format text ./... | tee govulncheck.txt | |
| - name: Check if only known vulnerabilities were found | |
| run: cat govulncheck.txt | grep "Your code is affected by 2 vulnerabilities from 1 module." | |
| # Use the steps below once the x/crisis (crisis.init) bug is fixed or if the | |
| # ability to silence is implemented: https://github.com/golang/go/issues/61211 | |
| #steps: | |
| # - name: Run govulncheck | |
| # uses: golang/govulncheck-action@v1 | |
| # with: | |
| # go-version-file: 'go.mod' | |
| # check-latest: true | |
| # cache: false | |
| # go-package: ./... |