name: "Dependency Review" on: pull_request permissions: contents: read jobs: dependency-review: runs-on: ubuntu-latest steps: - uses: actions/setup-go@v3 with: go-version: 1.19 check-latest: true - name: "Checkout Repository" uses: actions/checkout@v3 - uses: technote-space/get-diff-action@v6.1.1 with: PATTERNS: | **/**.go go.mod go.sum - name: "Dependency Review" uses: actions/dependency-review-action@v3 if: env.GIT_DIFF - name: "Go vulnerability check" run: make vulncheck if: env.GIT_DIFF