You're viewing an older version of this GitHub Action. Do you want to see the latest version instead?
GitHub Action
Golang Vulncheck
v0.0.2
Performs vulnerability scan using govulncheck and afterwards uploads it as Sarif Report to Github
Describe how to use your action here.
Please be aware that this workflow highlights all available inputs. But all inputs come with a default value. Hence it is not required to provide any values.
name: My Workflow
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Running govulncheck
uses: Templum/govulncheck-action@<version>
with:
package: ./...
version: v0.0.0-20220908210932-64dbbd7bba4f
github-token: ${{ secrets.GITHUB_TOKEN }}
Input | Description |
---|---|
package (optional) |
The package you want to scan, by default will be ./... |
version (optional) |
Version of govulncheck that should be used, by default it will be latest |
github-token (optional) |
Github Token to upload sarif report. Needs write permissions for security_events |
Please be aware if the token is not specified it uses
github.token
for more details on that check those docs