name: govulncheck
on:
  push:
    paths:
      - go.sum
  schedule:
    - cron: "0 0 * * *"

permissions: read-all

jobs:
  govulncheck:
    name: govulncheck
    runs-on: ubuntu-latest
    steps:
      - name: Setup Go
        uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # pin@5.2.0
        with:
          go-version: '1.22'
          check-latest: true
      - name: govulncheck
        uses: golang/govulncheck-action@b625fbe08f3bccbe446d94fbf87fcc875a4f50ee # pin@1.0.4
        with:
          go-package: ./...