add OSV workflow

sthulb · sthulb · commit dc8c11f721a0 · 2025-03-05T14:46:49.000Z
diff --git a/.github/workflows/security-osv.yml b/.github/workflows/security-osv.yml
@@ -0,0 +1,24 @@
+on:
+  pull_request:
+    branches: [main]
+  merge_group:
+    branches: [main]
+  workflow_dispatch: {}
+  schedule:
+    - cron: "30 12 * * 1"
+  push:
+    branches: [main]
+
+name: OpenSource Vulnerability Scanner
+run-name: OpenSource Vulnerability Scanner
+
+permissions:
+  contents: read
+
+jobs:
+  scan-pr:
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@764c91816374ff2d8fc2095dab36eecd42d61638"
