Skip to content

Merge branch 'ccip-develop' into offchain-usdc #1853

Merge branch 'ccip-develop' into offchain-usdc

Merge branch 'ccip-develop' into offchain-usdc #1853

name: Dependency Vulnerability Check
on:
push:
jobs:
changes:
name: Detect changes
runs-on: ubuntu-latest
outputs:
changes: ${{ steps.changes.outputs.src }}
steps:
- name: Checkout the repo
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
- uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1
id: changes
with:
filters: |
src:
- '**/*go.sum'
- '**/*go.mod'
- '.github/workflows/dependency-check.yml'
Go:
runs-on: ubuntu-latest
needs: [changes]
steps:
- name: Check out code
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
- name: Set up Go
if: needs.changes.outputs.src == 'true'
uses: actions/setup-go@v4
with:
go-version-file: 'go.mod'
id: go
- name: Write Go Modules list
if: needs.changes.outputs.src == 'true'
run: go list -json -m all > go.list
- name: Check vulnerabilities
if: needs.changes.outputs.src == 'true'
uses: sonatype-nexus-community/nancy-github-action@main
with:
nancyVersion: "v1.0.39"
- name: Collect Metrics
if: always()
id: collect-gha-metrics
uses: smartcontractkit/push-gha-metrics-action@d2c2b7bdc9012651230b2608a1bcb0c48538b6ec
with:
basic-auth: ${{ secrets.GRAFANA_CLOUD_BASIC_AUTH }}
hostname: ${{ secrets.GRAFANA_CLOUD_HOST }}
this-job-name: Go
continue-on-error: true