mirror of
https://github.com/imjasonh/govulncheck-action
synced 2026-07-14 11:26:24 +00:00
This action runs govulncheck on Go projects and creates GitHub annotations for vulnerabilities found in dependencies and code paths. Features: - Automated vulnerability scanning with govulncheck - Smart annotations on go.mod for vulnerable dependencies - Annotations on source code lines that call vulnerable functions - Configurable working directory - Output variables for vulnerability detection The implementation includes: - Modular architecture with separate concerns (execution, parsing, annotation) - Comprehensive test suite with 100% function coverage - Example vulnerable Go module for demonstration - GitHub workflow example - Full documentation 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
40 lines
787 B
JSON
40 lines
787 B
JSON
{
|
|
"name": "my-github-action",
|
|
"version": "1.0.0",
|
|
"description": "A minimal GitHub Action implemented in Node.js",
|
|
"main": "index.js",
|
|
"scripts": {
|
|
"test": "jest",
|
|
"test:watch": "jest --watch",
|
|
"test:coverage": "jest --coverage"
|
|
},
|
|
"keywords": [
|
|
"github",
|
|
"action"
|
|
],
|
|
"author": "",
|
|
"license": "MIT",
|
|
"dependencies": {
|
|
"@actions/core": "^1.10.1",
|
|
"@actions/github": "^6.0.0",
|
|
"@actions/exec": "^1.1.1"
|
|
},
|
|
"devDependencies": {
|
|
"jest": "^29.7.0"
|
|
},
|
|
"jest": {
|
|
"testEnvironment": "node",
|
|
"collectCoverageFrom": [
|
|
"index.js",
|
|
"lib/**/*.js"
|
|
],
|
|
"coverageThreshold": {
|
|
"global": {
|
|
"branches": 80,
|
|
"functions": 80,
|
|
"lines": 80,
|
|
"statements": 80
|
|
}
|
|
}
|
|
}
|
|
}
|