name: 'GoSec Scanning'
description: 'Scan codebase with gosec'
inputs:
  token:
    description: >
      Personal access token (PAT) used to fetch the repository. The PAT is configured
      with the local git config, which enables your scripts to run authenticated git
      commands. The post-job step removes the PAT.


      We recommend using a service account with the least permissions necessary.
      Also when generating a new PAT, select the least scopes necessary.


      [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
    default: ${{ github.token }}
runs:
  using: 'docker'
  image: 'docker://git.shadowhosting.xyz/actions/goscan:latest'