Skip to content

Add workflow govulncheck to detect vulnerabilitied #47

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 14 commits into
base: master
Choose a base branch
from
Open

Add workflow govulncheck to detect vulnerabilitied #47

wants to merge 14 commits into from

Conversation

peczenyj
Copy link
Contributor

@peczenyj peczenyj commented Apr 18, 2024
edited
Loading

GitHub Action for govulncheck

https://github.com/golang/govulncheck-action

@quasilyte
Copy link
Owner

@cristaloleg do you know anything about this dependency review action?

@cristaloleg
Copy link
Contributor

My 2c: I prefer verifying Go code via govulncheck https://go.dev/blog/govulncheck (by example https://github.com/cristalhq/.github/blob/main/.github/workflows/vuln.yml) and nothing else.

Also, I don't check Github Actions deps 'cause it's mostly checkout my code and install Go.

@cristaloleg
Copy link
Contributor

Official govulncheck Github Action https://github.com/golang/govulncheck-action

@peczenyj
Copy link
Contributor Author

how about now?

@peczenyj peczenyj changed the title Add dependency review Add workflow govulncheck Apr 18, 2024
@peczenyj peczenyj changed the title Add workflow govulncheck Add workflow govulncheck to detect vulnerabilitied Dec 3, 2024
alexandear
alexandear approved these changes Feb 13, 2025
View reviewed changes
Copy link

@alexandear alexandear left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A typo in PR's title: "vulnerabilitied" -> "vulnerabilities"

alexandear
alexandear reviewed Feb 13, 2025
View reviewed changes
.github/workflows/go.yml
Comment on lines +20 to +22
"cache": true,
"cache-dependency-path": "**/go.sum",
},
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change is not needed, as caching enabled by default. See https://github.com/actions/setup-go#caching-dependency-files-and-build-outputs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alexandear alexandear alexandear approved these changes

@cristaloleg cristaloleg cristaloleg approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@peczenyj @quasilyte @cristaloleg @alexandear