scan

Merge pull request #92 from ksoclabs/bump-dependencies #329

	name: scan

	on:
	workflow_dispatch:
	push:
	branches: [ main ]
	pull_request:
	branches: [ main ]
	schedule:
	- cron: '18 10 * * 3'

	permissions:
	contents: read

	jobs:
	scan-fossa:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/[email protected]
	- name: Run FOSSA scan and upload build data
	uses: fossa-contrib/[email protected]
	with:
	fossa-api-key: 0580abfd8ed19432331e14f6e9eaa7ff

	scan-codeql:
	runs-on: ubuntu-latest
	permissions:
	security-events: write
	steps:
	- name: Checkout repository
	uses: actions/[email protected]
	- name: Setup Go
	uses: actions/[email protected]
	with:
	go-version: 1.20.x
	cache-dependency-path: \|
	**/go.sum
	**/go.mod
	- name: Initialize CodeQL
	uses: github/codeql-action/[email protected]
	with:
	languages: go
	- name: Autobuild
	uses: github/codeql-action/[email protected]
	- name: Perform CodeQL Analysis
	uses: github/codeql-action/[email protected]

Provide feedback