.github/workflows/govulncheck.yaml
# "Govulncheck reports known vulnerabilities that affect Go code.
# It uses static analysis of source code or a binary's symbol table to narrow down reports to only those that could affect the application."
#
# For more information see https://go.dev/blog/vuln and https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck
name: 'govulncheck'
on:
push:
branches:
- 'master'
- 'V*'
pull_request:
# The branches below must be a subset of the branches above
branches:
- 'master'
- 'V*'
schedule:
- cron: '21 10 * * 2'
jobs:
govulncheck_job:
runs-on: ubuntu-latest
name: Run govulncheck
steps:
- id: govulncheck
uses: golang/govulncheck-action@v1
with:
go-version-input: 'stable'
go-package: ./...