go-plsql-statement-splitter/.github/workflows/security.yml at master · zodimo/go-plsql-statement-splitter · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
name: Security Scanning (DISABLED)

# This workflow is currently disabled until further notice

on:
  # Disable triggers by commenting them out
  # push:
  #   branches: [ master ]
  # pull_request:
  #   branches: [ master ]
  # schedule:
  #   - cron: '0 0 * * 0' # Run once a week on Sunday at midnight

  # Only run manually
  workflow_dispatch:
    inputs:
      reason:
        description: 'Reason for manual run'
        required: true
        default: 'Testing disabled security workflow'

jobs:
  gosec:
    name: GoSec Security Scan
    runs-on: ubuntu-latest
    steps:
      - name: Check out code
        uses: actions/checkout@v4

      - name: Run Gosec Security Scanner
        uses: securego/gosec@master
        with:
          args: ./...

  dependency-scan:
    name: Dependency Check
    runs-on: ubuntu-latest
    steps:
      - name: Check out code
        uses: actions/checkout@v4

      - name: Set up Go
        uses: actions/setup-go@v4
        with:
          go-version: 1.24.x

      - name: Nancy
        uses: sonatype-nexus-community/nancy-github-action@main
        with:
          golist-mod: go list -json -m all