ad26b68751
Currently nancy is always failed, and we seem to ignore it completely. This reduces the value of having security scanning significantly. Ideally, the underlying issue should be fixed, however it will require long time for external collaboration. This commit is to ignore two known dependency failures. Signed-off-by: Tam Mach <sayboras@yahoo.com>
20 lines
399 B
YAML
20 lines
399 B
YAML
name: Extra
|
|
on:
|
|
push:
|
|
tags:
|
|
- v*
|
|
branches:
|
|
- master
|
|
pull_request:
|
|
jobs:
|
|
vulns:
|
|
name: Vulnerability scanner
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
- uses: actions/setup-go@v2
|
|
- name: Run go list
|
|
run: go list -json -m all > go.list
|
|
- name: Nancy
|
|
uses: sonatype-nexus-community/nancy-github-action@master
|