Updates the project to use ESM modules and replaces ncc with esbuild. This fixes build failures caused by newer @actions/core versions which use strict ESM exports that ncc cannot resolve.
Also updates tests to use ESM and dependency injection.
Signed-off-by: Jason Hall <imjasonh@gmail.com>
This commit fixes the parser to handle both JSON lines and multi-line JSON
formats from govulncheck, and adds tools for local testing:
- Updated parser to detect and handle both JSON lines and pretty-printed JSON
- Added logic to skip govulncheck installation if already present
- Created run-local.js for testing the action locally without GitHub Actions
- Added test:local npm script for easy local testing
- Changed example to use a version of golang.org/x/net with known vulnerabilities
The parser now correctly identifies 14 vulnerabilities in the example,
including ones that trace to the html.Parse call in main.go.
🤖 Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>