Run go's vulnerability checker.
See action.yml
name: Go vulnerabilities check
on: [ push ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: check for go vulnerabilities
uses: opzkit/govulncheck-action@v1.0.0
# optional
with:
go-version: '1.19'
govuln-version: 'latest'
packages: './...'
Input | Description |
---|---|
package (optional) |
The package you want to scan, default: "./..." |
go-version (optional) |
The go version to use, default: "1.19" |
go-version-file (optional) |
Path to the go.mod file to use for determining go version |
check-latest (optional) |
Check for latest available go version that satisfies the version spec, default default: "false" |
govuln-version (optional) |
The govuln version to use, default: "latest" |