Skip to content
Go Vulnerability Check

ci: Bump anchore/sbom-action from 0.23.1 to 0.24.0 #34

Sign in to view logs

ci: Bump anchore/sbom-action from 0.23.1 to 0.24.0

ci: Bump anchore/sbom-action from 0.23.1 to 0.24.0 #34

Workflow file for this run

.github/workflows/govulncheck.yml at 0d894c9
name: Go Vulnerability Check
on:
push:
branches: [main]
pull_request:
branches: [main]
schedule:
- cron: '0 0 * * 0' # Weekly on Sundays at midnight UTC
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: read
jobs:
govulncheck:
name: Run govulncheck
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Set up Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6
with:
go-version-file: cli/go.mod
cache-dependency-path: cli/go.sum
- name: Install govulncheck
run: go install golang.org/x/vuln/cmd/govulncheck@latest
- name: Run govulncheck
working-directory: cli
run: govulncheck ./...