Skip to content

Analyze CVEs

Analyze CVEs #98

Workflow file for this run

name: Analyze CVEs
permissions:
contents: read
on:
schedule:
# https://crontab.guru/#0_10_*_*_* - at 10:00 A.M. UTC every day
- cron: "0 10 * * *"
pull_request:
paths:
- "**/go.sum"
- "**/go.mod"
jobs:
validate:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- name: Install tools
uses: ./.github/actions/install-tools
- name: Check for CVEs in Dependencies
# TODO: if this fails we should look at Zarf's .grype.yaml as there may be the same false positive
run: "make scan"