github.com/goreleaser/nfpm/v2@v2.44.0/.github/workflows/govulncheck.yml

github.com/goreleaser/nfpm/v2@v2.44.0/.github/workflows/govulncheck.yml (about)

     1  name: govulncheck
     2  on:
     3    pull_request:
     4    push:
     5      branches: [main]
     6    schedule:
     7      - cron: "0 2 * * *"
     8  permissions:
     9    contents: read
    10  concurrency:
    11    group: govulncheck-${{ github.event.pull_request.number || github.ref }}
    12    cancel-in-progress: true
    13  jobs:
    14    govulncheck:
    15      runs-on: ubuntu-latest
    16      permissions:
    17        security-events: write
    18        contents: read
    19      steps:
    20        - uses: golang/govulncheck-action@b625fbe08f3bccbe446d94fbf87fcc875a4f50ee # v1.0.4
    21          with:
    22            output-format: sarif
    23            output-file: results.sarif
    24        - uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
    25          with:
    26            sarif_file: results.sarif