Skip to content

ci: add govulncheck workflow#241

Open
gecube wants to merge 1 commit into
kaasops:mainfrom
gecube:ci/govulncheck
Open

ci: add govulncheck workflow#241
gecube wants to merge 1 commit into
kaasops:mainfrom
gecube:ci/govulncheck

Conversation

@gecube

@gecube gecube commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

What

Add a Vulnerability Check workflow that runs govulncheck against the module set.

Triggers:

  • push / pull_request to main/master — catch vulnerabilities introduced by dependency or code changes.
  • schedule (weekly) — catch newly disclosed vulnerabilities in unchanged dependencies.
  • workflow_dispatch — manual runs.

govulncheck reports only vulnerabilities that are actually reachable from the code, so it stays low-noise. The tree currently reports no vulnerabilities.

New workflow file only; no code impact.

Run govulncheck on pushes, pull requests and weekly to continuously
scan the module set for known vulnerabilities. The tree currently
reports no vulnerabilities.

Signed-off-by: Gaál György <gb12335@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant