From 595d7a7f2c6a888870a6f2a694144f601361fcb2 Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Mon, 24 Jul 2023 15:12:46 +0300 Subject: [PATCH 1/2] chore: add govulncheck Signed-off-by: Radoslav Dimitrov --- .github/workflows/tests.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index faee33ae..55152ce4 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -51,12 +51,11 @@ jobs: flag-name: Go-${{ matrix.go-version }} parallel: true - golangci: + checks: strategy: matrix: go-version: ${{ fromJSON(needs.get-go-versions.outputs.matrix) }} - os: [ubuntu-latest, macos-latest, windows-latest] - runs-on: ${{ matrix.os }} + runs-on: ubuntu-latest needs: get-go-versions steps: - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 @@ -68,3 +67,8 @@ jobs: with: version: v1.51 # has to be pinned and thus manually updated due to https://github.com/golangci/golangci-lint-action/blob/6a290f7d5d488e1e423b0b37fe802c822ca2c08c/README.md?plain=1#L108 args: --timeout 5m --verbose + - name: govulncheck + uses: golang/govulncheck-action@v1 + with: + go-version-input: ${{ matrix.go-version }} + go-package: ./... From 00a8e4de6559ebb35bad324e8462a65b468d4622 Mon Sep 17 00:00:00 2001 From: Radoslav Dimitrov Date: Mon, 24 Jul 2023 15:49:28 +0300 Subject: [PATCH 2/2] chore: bump go version 1.20 Signed-off-by: Radoslav Dimitrov --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index d0e1cb3c..385f6563 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/theupdateframework/go-tuf -go 1.18 +go 1.20 require ( github.com/dustin/go-humanize v1.0.1