|
- # Copyright © 2023 OpenIMSDK open source community. All rights reserved.
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
-
- # name: Run gosec
-
- # # gosec is a source code security audit tool for the Go language. It performs a static
- # # analysis of the Go code, looking for potential security problems. The main functions of gosec are:
- # # 1. Find common security vulnerabilities, such as SQL injection, command injection, and cross-site scripting (XSS).
- # # 2. Audit codes according to common security standards and find non-standard codes.
- # # 3. Assist the Go language engineer to write safe and reliable code.
-
- # on:
- # push:
- # branches: "*"
- # pull_request:
- # branches: "*"
- # paths-ignore:
- # - '*.md'
- # - '*.yml'
- # - '.github'
-
- # jobs:
- # golang-security-action:
- # runs-on: ubuntu-latest
- # env:
- # GO111MODULE: on
- # steps:
- # - name: Check out code
- # uses: actions/checkout@v3
- # - name: Run Gosec Security Scanner
- # uses: securego/gosec@master
- # with:
- # args: ./...
|