chore(deps): update pre-commit hook codespell-project/codespell to v2… #1498
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Nancy 3p Vulnerability Scan | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| types: | |
| - opened | |
| - synchronize | |
| - reopened | |
| push: | |
| branches: | |
| - main | |
| schedule: | |
| # Run once a week (see https://crontab.guru) | |
| - cron: "0 0 * * 0" | |
| workflow_dispatch: | |
| jobs: | |
| nancy: | |
| name: Run nancy to identify 3p go vulnerabilities | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Set up git repository | |
| uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - name: Set up Go | |
| uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5 | |
| with: | |
| go-version: '1.23' | |
| - name: Ensure dependencies are up to date | |
| run: go mod tidy | |
| - name: Write go.list | |
| run: | | |
| go list -json -deps ./... | jq 'select(. | tostring | test("helm|apiserver"; "i") | not)' > go.list | |
| # We are excluding helm dependencies and apiserver from the go.list file for now | |
| # because they are noisy and some of them are not fixed in the latest version. | |
| # We will revisit this in the future: | |
| # run: go list -json -deps ./... > go.list | |
| - name: Run nancy to check for vulnerabilities | |
| uses: sonatype-nexus-community/nancy-github-action@main |