Merge pull request #675 from wucm667/fix/gosec-timeout-exclude-ent-dir
fix(ci): 修复 gosec 扫描因 ent 生成代码导致超时的问题
This commit is contained in:
Wesley Liddick
4
.github/workflows/security-scan.yml
vendored
4
.github/workflows/security-scan.yml
vendored
@@ -12,6 +12,7 @@ permissions:
|
|||||||
jobs:
|
jobs:
|
||||||
backend-security:
|
backend-security:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
timeout-minutes: 15
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
- name: Set up Go
|
- name: Set up Go
|
||||||
@@ -32,7 +33,8 @@ jobs:
|
|||||||
working-directory: backend
|
working-directory: backend
|
||||||
run: |
|
run: |
|
||||||
go install github.com/securego/gosec/v2/cmd/gosec@latest
|
go install github.com/securego/gosec/v2/cmd/gosec@latest
|
||||||
gosec -conf .gosec.json -severity high -confidence high ./...
|
# exclude ent/ — auto-generated ORM code, not subject to manual security review
|
||||||
|
gosec -conf .gosec.json -severity high -confidence high -exclude-dir=ent ./...
|
||||||
|
|
||||||
frontend-security:
|
frontend-security:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|||||||
Reference in New Issue
Block a user