feat: add osv-scanner

2025-12-11 15:08:55 -08:00
parent 0b519b1529
commit bc5440f99f
1 changed files with 30 additions and 0 deletions
@@ -123,3 +123,33 @@ jobs:
            echo "No Semgrep scan results found"
            exit 1
          fi
+
+      # Need Go
+      - name: Install Go
+        uses: actions/setup-go@v6
+        with:
+          go-version: 'stable' # Latest stable version
+
+      # Install OSV Scanner
+      - name: Install OSV Scanner
+        run: |
+          export PATH="$HOME/go/bin:$PATH"
+          go install github.com/google/osv-scanner/cmd/osv-scanner@latest
+
+      # Run OSV Scanner
+      - name: Run OSV Scanner
+        run: |
+          export PATH="$HOME/go/bin:$PATH"
+          osv-scanner -r scan --format table --output osv-results.txt .
+
+      # Display OSV Scanner results
+      - name: Display OSV Scanner scan results
+        if: always()
+        run: |
+          if [ -f osv-results.txt ]; then
+            echo "=== OSV Scanner Results ==="
+            cat osv-results.txt
+          else
+            echo "No OSV Scanner scan results found"
+            exit 1
+          fi