1
0
Fork 0
mirror of https://github.com/imjasonh/govulncheck-action synced 2026-07-14 11:26:24 +00:00
govulncheck-action/package.json
Jason Hall 39e329ab61
Initial implementation of govulncheck GitHub Action
This action runs govulncheck on Go projects and creates GitHub annotations
for vulnerabilities found in dependencies and code paths.

Features:
- Automated vulnerability scanning with govulncheck
- Smart annotations on go.mod for vulnerable dependencies
- Annotations on source code lines that call vulnerable functions
- Configurable working directory
- Output variables for vulnerability detection

The implementation includes:
- Modular architecture with separate concerns (execution, parsing, annotation)
- Comprehensive test suite with 100% function coverage
- Example vulnerable Go module for demonstration
- GitHub workflow example
- Full documentation

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-06-06 23:41:03 -04:00

40 lines
787 B
JSON

{
"name": "my-github-action",
"version": "1.0.0",
"description": "A minimal GitHub Action implemented in Node.js",
"main": "index.js",
"scripts": {
"test": "jest",
"test:watch": "jest --watch",
"test:coverage": "jest --coverage"
},
"keywords": [
"github",
"action"
],
"author": "",
"license": "MIT",
"dependencies": {
"@actions/core": "^1.10.1",
"@actions/github": "^6.0.0",
"@actions/exec": "^1.1.1"
},
"devDependencies": {
"jest": "^29.7.0"
},
"jest": {
"testEnvironment": "node",
"collectCoverageFrom": [
"index.js",
"lib/**/*.js"
],
"coverageThreshold": {
"global": {
"branches": 80,
"functions": 80,
"lines": 80,
"statements": 80
}
}
}
}