naomi/actions-sandbox
1
0
Fork 0
generated from nhcarrigan/template
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add osv-scanner

Browse Source
This commit is contained in:
Naomi Carrigan
2025-12-11 15:08:55 -08:00
parent 0b519b1529
commit bc5440f99f
1 changed files with 30 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/security.yml
+30
View File
@@ -123,3 +123,33 @@ jobs:
echo "No Semgrep scan results found" echo "No Semgrep scan results found"
exit 1 exit 1
fi fi
# Need Go
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: 'stable' # Latest stable version
# Install OSV Scanner
- name: Install OSV Scanner
run: |
export PATH="$HOME/go/bin:$PATH"
go install github.com/google/osv-scanner/cmd/osv-scanner@latest
# Run OSV Scanner
- name: Run OSV Scanner
run: |
export PATH="$HOME/go/bin:$PATH"
osv-scanner -r scan --format table --output osv-results.txt .
# Display OSV Scanner results
- name: Display OSV Scanner scan results
if: always()
run: |
if [ -f osv-results.txt ]; then
echo "=== OSV Scanner Results ==="
cat osv-results.txt
else
echo "No OSV Scanner scan results found"
exit 1
fi