.github/workflows/vulnerability-scan.yml

name: "Security vulnerability scan"

on:
  schedule:
    - cron: "20 02 * * 0"
  workflow_dispatch:

permissions:
  contents: read

jobs:
  go:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version: stable
          check-latest: true
          cache: false
      - name: Scan
        run: make scan-go

  node:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version: stable
          cache: false
      - uses: actions/setup-node@v4
        with:
          node-version: 20
      - name: Scan
        run: make scan-node

  java:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version: stable
          cache: false
      - uses: actions/setup-java@v4
        with:
          java-version: 21
          distribution: temurin
          cache: maven
      - name: Scan
        run: make scan-java