Skip to content

ci: run govulncheck#5586

Open
marten-seemann wants to merge 1 commit intomasterfrom
govulncheck
Open

ci: run govulncheck#5586
marten-seemann wants to merge 1 commit intomasterfrom
govulncheck

Conversation

@marten-seemann
Copy link
Member

@marten-seemann marten-seemann commented Mar 18, 2026
edited by macroscopeapp bot
Loading

Add govulncheck step to the lint CI workflow

Adds a new step to the check job in lint.yml that runs golang.org/x/vuln/cmd/govulncheck against all packages. Also capitalizes the existing gcassert step label for consistency.

Macroscope summarized 6dae64e.

@marten-seemann marten-seemann requested a review from Copilot March 18, 2026 02:43
@codecov
Copy link

codecov bot commented Mar 18, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 84.17%. Comparing base (cf08265) to head (6dae64e).
✅ All tests successful. No failed tests found.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #5586      +/-   ##
==========================================
+ Coverage   84.10%   84.17%   +0.07%     
==========================================
  Files         161      161              
  Lines       16363    16363              
==========================================
+ Hits        13762    13773      +11     
+ Misses       1967     1959       -8     
+ Partials      634      631       -3

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Copilot AI reviewed Mar 18, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the Go lint workflow to improve CI signal by adding vulnerability scanning and standardizing step naming within the existing check job.

Changes:

  • Renamed the gcassert step to use consistent capitalization (“Run gcassert”).
  • Added a new CI step to run govulncheck against ./....

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

.github/workflows/lint.yml
- name: Run gcassert
if: success() || failure() # run this step even if the previous one failed
run: go tool gcassert ./...
- name: Run govulncheck
.github/workflows/lint.yml
if: success() || failure() # run this step even if the previous one failed
run: go tool gcassert ./...
- name: Run govulncheck
run: go run golang.org/x/vuln/cmd/govulncheck@latest ./...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@marten-seemann