name: Security

env:
  TZ: Etc/GMT-8

on:
  push:
    branches:
      - master
  pull_request:
    branches:
      - master
permissions:
  contents: read
jobs:
  scan:
    strategy:
      matrix:
        go: ['1.19.13', '>=1.20']
      fail-fast: true
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Code
        uses: https://github.com/actions/checkout@v4

      - name: Setup Go ${{ matrix.go }}
        uses: https://github.com/actions/setup-go@v4
        with:
          go-version: ${{ matrix.go }}
          cache: false

      - name: Run GoSec
        uses: https://github.com/securego/gosec@master
        with:
          args: ./...