Inspect source code for security issues

soumeh01 · soumeh01 · commit 00f1ab9fe9eb · 2025-01-31T14:09:07.000+01:00
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -61,6 +61,20 @@ jobs:
         run: |
           make format-check
 
+  gosec:
+    runs-on: ubuntu-latest
+    env:
+      GO111MODULE: on
+
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - name: Run Gosec Security Scanner
+        uses: securego/gosec@e0cca6fe95306b7e7790d6f1bf6a7bec6d622459 # v2.22.0
+        with:
+          args: '-severity high -exclude-dir=test ./...'
+
   vulnerability-check:
     name: "Vulnerability check"
     runs-on: ubuntu-latest
