Skip to content

Add Security content from core and CLI #11

Add Security content from core and CLI

Add Security content from core and CLI #11

Workflow file for this run

name: "Static Analysis"
on:
push:
branches:
- '**'
tags-ignore:
- '**'
pull_request:
jobs:
Static-Check:
runs-on: ubuntu-latest
steps:
- name: Checkout Source
uses: actions/checkout@v3
- name: Install Go
uses: actions/setup-go@v3
with:
go-version: 1.20.x
- name: Static Code Analysis
uses: golangci/golangci-lint-action@v3
with:
args: |
--timeout 5m --out-${NO_FUTURE}format colored-line-number --enable errcheck,gosimple,govet,ineffassign,staticcheck,typecheck,unused,gocritic,asasalint,asciicheck,errchkjson,exportloopref,forcetypeassert,makezero,nilerr,unparam,unconvert,wastedassign,usestdlibvars
Go-Sec:
runs-on: ubuntu-latest
steps:
- name: Checkout Source
uses: actions/checkout@v3
- name: Install Go
uses: actions/setup-go@v3
with:
go-version: 1.20.x
# Temporarily set version 2.18.0 to workaround https://github.com/securego/gosec/issues/1046
- name: Run Gosec Security Scanner
uses: securego/[email protected]
with:
args: -exclude G204,G301,G302,G304,G306 -tests -exclude-dir \.*test\.* ./...