Skip to content

Commit f783d87

Browse files
committed
ci: run osv-scanner
1 parent 503006c commit f783d87

1 file changed

Lines changed: 9 additions & 1 deletion

File tree

.github/workflows/ci.yml

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ concurrency:
1414
permissions: {}
1515

1616
jobs:
17-
audit:
17+
audit-detector:
1818
permissions:
1919
contents: read # to fetch code (actions/checkout)
2020
runs-on: ubuntu-latest
@@ -25,6 +25,14 @@ jobs:
2525
persist-credentials: false
2626
- name: Audit dependencies for security vulnerabilities
2727
uses: g-rath/check-with-osv-detector@0e8c0f954d8618a3a4671eca1918b30b2d085af3 # v0.2.0
28+
audit-scanner:
29+
permissions:
30+
contents: read # to fetch code (actions/checkout)
31+
steps:
32+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
33+
with:
34+
persist-credentials: false
35+
- run: docker run -v ${PWD}:/src ghcr.io/google/osv-scanner:latest -r scan
2836
ruff:
2937
permissions:
3038
contents: read # to fetch code (actions/checkout)

0 commit comments

Comments
 (0)