2323 go-version : ${{ env.GO_VERSION }}
2424
2525 - name : golangci-lint
26- uses : golangci/golangci-lint-action@v4
26+ uses : golangci/golangci-lint-action@v8
2727 with :
2828 version : latest
2929 args : --timeout=5m
4949 - name : Run tests
5050 run : go test -v -race -coverprofile=coverage.out -covermode=atomic ./...
5151
52- - name : Upload coverage to Codecov
53- uses : codecov/codecov-action@v4
54- with :
55- file : ./coverage.out
56- flags : unittests
57- name : codecov-umbrella
58-
5952 - name : Generate test summary
6053 uses : test-summary/action@v2
6154 with :
@@ -114,46 +107,6 @@ jobs:
114107 go-version : ${{ env.GO_VERSION }}
115108
116109 - name : Run Gosec Security Scanner
117- uses : securecodewarrior/github-action-gosec@master
118- with :
119- args : ' -fmt sarif -out gosec.sarif ./...'
120-
121- - name : Upload SARIF file
122- uses : github/codeql-action/upload-sarif@v3
123- with :
124- sarif_file : gosec.sarif
125-
126- - name : Run Trivy vulnerability scanner
127- uses : aquasecurity/trivy-action@master
128- with :
129- scan-type : ' fs'
130- scan-ref : ' .'
131- format : ' sarif'
132- output : ' trivy-results.sarif'
133-
134- - name : Upload Trivy scan results to GitHub Security tab
135- uses : github/codeql-action/upload-sarif@v3
136- with :
137- sarif_file : ' trivy-results.sarif'
138-
139- dependency-check :
140- name : Dependency Check
141- runs-on : ubuntu-latest
142- steps :
143- - name : Checkout
144- uses : actions/checkout@v4
145-
146- - name : Set up Go
147- uses : actions/setup-go@v4
110+ uses : securego/gosec@master
148111 with :
149- go-version : ${{ env.GO_VERSION }}
150-
151- - name : Check for known vulnerabilities
152- uses : sonatypecommunity/nancy-github-action@main
153- with :
154- nancyVersion : v1.0.46
155-
156- - name : Run govulncheck
157- run : |
158- go install golang.org/x/vuln/cmd/govulncheck@latest
159- govulncheck ./...
112+ args : ./...
0 commit comments