mirrors/kitty
1
0
Fork 0
mirror of https://github.com/kovidgoyal/kitty synced 2026-06-08 22:28:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Another try at running govulncheck

Browse Source
This commit is contained in:
Kovid Goyal
2025-09-24 12:50:06 +05:30
parent 4d95af20c2
commit 4ffacbbe80
2 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/ci.py vendored
View File

@@ -266,6 +266,12 @@ def main() -> None:
package_kitty() package_kitty()
elif action == 'test': elif action == 'test':
test_kitty() test_kitty()
elif action == 'test':
test_kitty()
elif action == 'govulncheck':
subprocess.check_call(['go', 'install', 'golang.org/x/vuln/cmd/govulncheck@latest'])
with open('govulncheck.sarif', 'wb') as f:
subprocess.check_call(['govulncheck', '-format', 'sarif', './...'], stdout=f)
elif action == 'gofmt': elif action == 'gofmt':
q = subprocess.check_output('gofmt -s -l tools kittens'.split()).decode() q = subprocess.check_output('gofmt -s -l tools kittens'.split()).decode()
if q.strip(): if q.strip():

14
.github/workflows/codeql-analysis.yml vendored
View File

@@ -9,9 +9,6 @@ on:
schedule: schedule:
- cron: '0 22 * * 5' - cron: '0 22 * * 5'
permissions:
contents: read # to fetch code (actions/checkout)
jobs: jobs:
CodeQL-Build: CodeQL-Build:
@@ -67,3 +64,14 @@ jobs:
- name: Perform CodeQL Analysis - name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3 uses: github/codeql-action/analyze@v3
- name: Run govulncheck
if: matrix.language == 'go'
run: python3 .github/workflows/ci.py govulncheck
- name: Upload govulncheck results
if: matrix.language == 'go'
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: govulncheck.sarif
category: govulncheck