Skip to content

Introduce OSV scanning workflow #2

Introduce OSV scanning workflow

Introduce OSV scanning workflow #2

Workflow file for this run

name: OSV Scan
on: push
jobs:
extract-deps:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: "upload Cargo.lock"
uses: actions/upload-artifact@v4
with:
name: cargo-lock
path: Cargo.lock
retention-days: 2
vuln-scan:
name: Vulnerability scanning
needs: extract-deps
uses: "google/osv-scanner-action/.github/workflows/[email protected]"
with:
download-artifact: cargo-lock
scan-args: |-
--lockfile=Cargo.lock
permissions:
security-events: write
contents: read