Skip to content

govulncheck

govulncheck #123

Workflow file for this run

name: govulncheck
on:
# TODO(gregfurman): Uncomment once vulns are sorted, since this will block everyone's CI.
# push:
# branches:
# - main
# paths:
# - go.mod
# - go.sum
# pull_request:
# paths:
# - go.mod
# - go.sum
schedule:
# Daily at 8:00 UTC
- cron: '0 8 * * *'
workflow_dispatch:
permissions:
contents: read
jobs:
govulncheck:
runs-on: ubuntu-latest
env:
# The job is being killed early, so we need to optimise the resource usage.
GOMAXPROCS: 4
GOMEMLIMIT: 12GiB
GOGC: off
steps:
- uses: actions/checkout@v6
with:
persist-credentials: false
- uses: actions/setup-go@v6
with:
go-version-file: go.mod
- run: |
go run golang.org/x/vuln/cmd/govulncheck@latest ./...