mirror of
https://github.com/projectdiscovery/nuclei.git
synced 2025-12-26 11:45:32 +00:00
c61e325ace
* chore(dependabot): added new `security` group Signed-off-by: Dwi Siswanto <git@dw1.io> * ci: added new `govulncheck` workflow Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(dependabot): merge 2 groups Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io>
27 lines
700 B
YAML
27 lines
700 B
YAML
name: 🐛 govulncheck
|
|
|
|
on:
|
|
schedule:
|
|
- cron: '0 0 * * 0' # Weekly
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
govulncheck:
|
|
runs-on: ubuntu-latest
|
|
if: github.repository == 'projectdiscovery/nuclei'
|
|
permissions:
|
|
actions: read
|
|
contents: read
|
|
security-events: write
|
|
env:
|
|
OUTPUT: "/tmp/results.sarif"
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: projectdiscovery/actions/setup/go@v1
|
|
- run: go install golang.org/x/vuln/cmd/govulncheck@latest
|
|
- run: govulncheck -scan package -format sarif ./... > $OUTPUT
|
|
- uses: github/codeql-action/upload-sarif@v3
|
|
with:
|
|
sarif_file: "${{ env.OUTPUT }}"
|
|
category: "govulncheck"
|