Skip to content

build(deps): Bump actions/dependency-review-action from 3.1.5 to 4.0.… #238

build(deps): Bump actions/dependency-review-action from 3.1.5 to 4.0.…

build(deps): Bump actions/dependency-review-action from 3.1.5 to 4.0.… #238

Workflow file for this run

---
# This workflow uses actions that are not certified by GitHub. They are provided
# by a third-party and are governed by separate terms of service, privacy
# policy, and support documentation.
name: Govulncheck
on:
push:
branches:
- main
pull_request:
branches:
- main
# Declare default permissions as read only.
permissions: read-all
jobs:
govulncheck_job:
runs-on: ubuntu-latest
name: Scan for vulns
steps:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
egress-policy: audit
- name: Install Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: '>= 1.21'
cache: true
- id: govulncheck
uses: golang/govulncheck-action@7da72f730e37eeaad891fcff0a532d27ed737cd4 # v1.0.1
with:
go-version-input: '>= 1.21'
check-latest: true