chore(deps): bump golang.org/x/oauth2 from 0.35.0 to 0.36.0 #53

	name: CI

	on:
	push:
	branches: [main]
	pull_request:
	branches: [main]

	permissions:
	contents: read

	jobs:
	test:
	name: Test
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

	- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
	with:
	go-version: "1.24.13"
	cache: true

	- name: go mod verify
	run: go mod verify

	- name: go vet
	run: go vet ./...

	- name: go test (race)
	run: go test -race -coverprofile=/tmp/coverage.out ./...

	- name: coverage check (≥60%)
	run: \|
	COVERAGE=$(go tool cover -func=/tmp/coverage.out \| awk '/^total:/ {gsub(/%/,""); print $3}')
	echo "Coverage: ${COVERAGE}%"
	awk -v cov="$COVERAGE" 'BEGIN { if (cov+0 < 60) { print "Coverage " cov "% is below 60%"; exit 1 } }'

	lint:
	name: Lint
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

	- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
	with:
	go-version: "1.24.13"
	cache: true

	- uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9.2.0

	security:
	name: Security
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

	- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
	with:
	go-version: "1.24.13"
	cache: true

	- name: gosec
	run: \|
	go install github.com/securego/gosec/v2/cmd/gosec@v2.21.4
	gosec -exclude=G304,G115,G306 ./...

	- name: govulncheck
	run: \|
	go install golang.org/x/vuln/cmd/govulncheck@v1.1.4
	govulncheck ./...

Provide feedback