Skip to content

Pinned the goreleaser version to 1.26.2 (#977) #637

Pinned the goreleaser version to 1.26.2 (#977)

Pinned the goreleaser version to 1.26.2 (#977) #637

Workflow file for this run

name: Security
on:
pull_request: {}
push:
branches: ["main", "v1"]
schedule:
- cron: "30 0 1,15 * *"
jobs:
semgrep:
name: Semgrep Scan
runs-on: ubuntu-latest
container:
image: returntocorp/semgrep
# Skip any PR created by dependabot to avoid permission issues
if: (github.actor != 'dependabot[bot]')
steps:
- uses: actions/checkout@v3
- run: semgrep ci
env:
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_TOKEN }}
govulncheck:
name: Vulnerabilities Scan
runs-on: ubuntu-latest
steps:
- name: Scan for vulnerabilities in go code
uses: golang/govulncheck-action@dd3ead030e4f2cf713062f7a3395191802364e13 # [email protected]
with:
check-latest: true