1
0
Fork 0
mirror of https://github.com/imjasonh/govulncheck-action synced 2026-07-11 10:01:05 +00:00
Commit graph

2 commits

Author SHA1 Message Date
c4a3cd53b0 build: migrate to ESM and esbuild
Updates the project to use ESM modules and replaces ncc with esbuild. This fixes build failures caused by newer @actions/core versions which use strict ESM exports that ncc cannot resolve.

Also updates tests to use ESM and dependency injection.

Signed-off-by: Jason Hall <imjasonh@gmail.com>
2026-02-21 02:54:49 -05:00
Jason Hall
b288fc77b2
Fix parser to handle multi-line JSON format and add local testing
This commit fixes the parser to handle both JSON lines and multi-line JSON
formats from govulncheck, and adds tools for local testing:

- Updated parser to detect and handle both JSON lines and pretty-printed JSON
- Added logic to skip govulncheck installation if already present
- Created run-local.js for testing the action locally without GitHub Actions
- Added test:local npm script for easy local testing
- Changed example to use a version of golang.org/x/net with known vulnerabilities

The parser now correctly identifies 14 vulnerabilities in the example,
including ones that trace to the html.Parse call in main.go.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-06-07 00:14:39 -04:00