name: VulnCheck on: pull_request: branches: - master push: branches: - master permissions: contents: read # to fetch code (actions/checkout) jobs: vulncheck: name: Analysis runs-on: ubuntu-latest steps: - name: Check out code into the Go module directory uses: actions/checkout@v3 - name: Set up Go uses: actions/setup-go@v3 with: go-version: 1.21.0 check-latest: true - name: Get official govulncheck run: go install golang.org/x/vuln/cmd/govulncheck@latest shell: bash - name: Run govulncheck run: govulncheck ./... shell: bash