1
0
Fork 0
mirror of https://github.com/imjasonh/govulncheck-action synced 2026-07-13 19:08:02 +00:00
govulncheck-action/example/main.go
Jason Hall 39e329ab61
Initial implementation of govulncheck GitHub Action
This action runs govulncheck on Go projects and creates GitHub annotations
for vulnerabilities found in dependencies and code paths.

Features:
- Automated vulnerability scanning with govulncheck
- Smart annotations on go.mod for vulnerable dependencies
- Annotations on source code lines that call vulnerable functions
- Configurable working directory
- Output variables for vulnerability detection

The implementation includes:
- Modular architecture with separate concerns (execution, parsing, annotation)
- Comprehensive test suite with 100% function coverage
- Example vulnerable Go module for demonstration
- GitHub workflow example
- Full documentation

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-06-06 23:41:03 -04:00

15 lines
337 B
Go

package main
import (
"strings"
"golang.org/x/net/html"
)
func main() {
// html.Parse in x/net/html has a vulnerability in the version we depend on. The action should find it.
_, err := html.Parse(strings.NewReader(`<html><body><div class="container"><p>Hello, World!</p></div></body></html>`))
if err != nil {
panic(err)
}
}