Skip to content

feat: Sec. index on json #3933

feat: Sec. index on json

feat: Sec. index on json #3933

# Copyright 2023 Democratized Data Foundation
#
# Use of this software is governed by the Business Source License
# included in the file licenses/BSL.txt.
#
# As of the Change Date specified in that file, in accordance with
# the Business Source License, use of this software will be governed
# by the Apache License, Version 2.0, included in the file
# licenses/APL.txt.
name: Check Vulnerabilities Workflow
on:
pull_request:
branches:
- master
- develop
push:
tags:
- 'v[0-9]+.[0-9]+.[0-9]+'
branches:
- master
- develop
jobs:
check-vulnerabilities:
name: Check vulnerabilities job
runs-on: ubuntu-latest
steps:
- name: Checkout code into the directory
uses: actions/checkout@v4
- name: Setup Go environment explicitly
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'
check-latest: true
cache: false
- name: Install govulncheck
run: make deps:vulncheck
- name: Run govulncheck scan
run: govulncheck -C . -format text ./... | tee govulncheck.txt
- name: Check if only known vulnerabilities were found (there are new vulnerabilities if this fails)
run: cat govulncheck.txt | grep "Your code is affected by 2 vulnerabilities from 1 module."
# Use the steps below once the x/crisis (crisis.init) bug is fixed or if the
# ability to silence is implemented: https://github.com/golang/go/issues/61211
#steps:
# - name: Run govulncheck
# uses: golang/govulncheck-action@v1
# with:
# go-version-file: 'go.mod'
# check-latest: true
# cache: false
# go-package: ./...