
Commit 87a33f0

committed
Fix ci
1 parent 360c027 commit 87a33f0

1 file changed

Lines changed: 11 additions & 6 deletions


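--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -94,16 +94,19 @@ jobs:
 run: govulncheck ./...
 
 - name: Install gosec
-run: go install github.com/securecodewarrior/gosec/v2/cmd/gosec@latest
+run: go install github.com/securego/gosec/v2/cmd/gosec@latest
 
 - name: Run gosec security scanner
-run: gosec -fmt sarif -out gosec-results.sarif ./...
+uses: securego/gosec@master
+with:
+args: '-fmt sarif -out gosec-results.sarif ./...'
 
 - name: Upload gosec results to GitHub Security tab
-uses: github/codeql-action/upload-sarif@v2
+uses: github/codeql-action/upload-sarif@v3
 if: always()
 with:
 sarif_file: gosec-results.sarif
+category: gosec
 
 # CodeQL Analysis
 codeql-analysis:
@@ -124,7 +127,7 @@ jobs:
 uses: actions/checkout@v4
 
 - name: Initialize CodeQL
-uses: github/codeql-action/init@v2
+uses: github/codeql-action/init@v3
 with:
 languages: ${{ matrix.language }}
 queries: +security-and-quality
@@ -153,7 +156,7 @@ jobs:
 go build -v ./cmd/mpcium-cli
 
 - name: Perform CodeQL Analysis
-uses: github/codeql-action/analyze@v2
+uses: github/codeql-action/analyze@v3
 with:
 category: "/language:${{matrix.language}}"
 
@@ -222,12 +225,14 @@ jobs:
 fail-build: false
 output-format: sarif
 output-file: grype-results.sarif
+continue-on-error: true
 
 - name: Upload Grype results to GitHub Security tab
-uses: github/codeql-action/upload-sarif@v3
+uses: github/codeql-action/upload-sarif@v3
 if: always()
 with:
 sarif_file: grype-results.sarif
+category: grype
 
 - name: Display SBOM summary
 run: |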
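Review bot: The new `uses: securego/gosec@master` in the "Run gosec security scanner" step tracks a mutable branch, so any later change to that branch runs inside this job with the repository checkout and the workflow token; pin it to an immutable ref, e.g. `uses: securego/gosec@<full-commit-sha>  # <release-tag>` (both placeholders, to be filled from the upstream release you have reviewed). The "Install gosec" step just above still runs `go install github.com/securego/gosec/v2/cmd/gosec@latest`, which is likewise unpinned and, if the action brings its own gosec binary as it appears to, is no longer used by anything in the visible steps and could be dropped. In the last hunk, `continue-on-error: true` on the Grype step comes on top of the existing `fail-build: false`, so a scanner that crashes outright now passes silently as well; consider leaving it off, or adding a follow-up step that fails when `grype-results.sarif` is missing, so a broken scan is distinguishable from a clean one. The Grype step's definition starts outside that hunk, so its other inputs could not be checked here.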
