Merge pull request #614 from openimsdk/cherry-pick-d34d525 #1153
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: OpenIM Run Gosec | |
# gosec is a source code security audit tool for the Go language. It performs a static | |
# analysis of the Go code, looking for potential security problems. The main functions of gosec are: | |
# 1. Find common security vulnerabilities, such as SQL injection, command injection, and cross-site scripting (XSS). | |
# 2. Audit codes according to common security standards and find non-standard codes. | |
# 3. Assist the Go language engineer to write safe and reliable code. | |
# https://github.com/securego/gosec/ | |
on: | |
push: | |
branches: "*" | |
pull_request: | |
branches: "*" | |
paths-ignore: | |
- '*.md' | |
- '*.yml' | |
- '.github' | |
jobs: | |
golang-security-action: | |
runs-on: ubuntu-latest | |
env: | |
GO111MODULE: on | |
steps: | |
- name: Check out code | |
uses: actions/checkout@v3 | |
- name: Run Gosec Security Scanner | |
uses: securego/gosec@master | |
with: | |
args: ./... | |
continue-on-error: true |