From 5f07d4584693bb1156b2e5ecb1812441592bc8ea Mon Sep 17 00:00:00 2001
From: Cesar Celis Hernandez <celis.hernandez.cesar@gmail.com>
Date: Wed, 19 Oct 2022 03:07:42 -0400
Subject: [PATCH] Moving away from Nancy (#2393)

`Nancy` test is failing and the issue is recent:
https://github.com/sonatype-nexus-community/nancy/issues/263

Move to more idiomatic https://pkg.go.dev/golang.org/x/vuln/vulncheck
---
 .github/workflows/jobs.yaml | 37 +++++++++++++------------------------
 1 file changed, 13 insertions(+), 24 deletions(-)

diff --git a/.github/workflows/jobs.yaml b/.github/workflows/jobs.yaml
index cf9c9fd5a..c8729280d 100644
--- a/.github/workflows/jobs.yaml
+++ b/.github/workflows/jobs.yaml
@@ -250,31 +250,20 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        go-version: [ 1.18.x ]
-        os: [ ubuntu-latest ]
+        go-version: [ 1.19 ]
     steps:
-      - name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
-        uses: actions/setup-go@v2
-        with:
-          go-version: ${{ matrix.go-version }}
-        id: go
-
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v2
-
-      - name: Build on ${{ matrix.os }}
-        continue-on-error: false
-        if: matrix.os == 'ubuntu-latest'
-        env:
-          CGO_ENABLED: 0
-          GO111MODULE: on
-        run: |
-          sudo apt install jq -y || apt install jq -y
-          sudo sysctl net.ipv6.conf.all.disable_ipv6=0 || sysctl net.ipv6.conf.all.disable_ipv6=0
-          sudo sysctl net.ipv6.conf.default.disable_ipv6=0 || sysctl net.ipv6.conf.default.disable_ipv6=0
-          nancy_version=$(curl --retry 10 -Ls -o /dev/null -w "%{url_effective}" https://github.com/sonatype-nexus-community/nancy/releases/latest | sed "s/https:\/\/github.com\/sonatype-nexus-community\/nancy\/releases\/tag\///")
-          curl -L -o nancy https://github.com/sonatype-nexus-community/nancy/releases/download/${nancy_version}/nancy-${nancy_version}-linux-amd64 && chmod +x nancy
-          go list -deps -json ./... | jq -s 'unique_by(.Module.Path)|.[]|select(has("Module"))|.Module' | ./nancy sleuth
+    - name: Check out code into the Go module directory
+      uses: actions/checkout@v3
+    - uses: actions/setup-go@v3
+      with:
+        go-version: ${{ matrix.go-version }}
+        check-latest: true
+    - name: Get govulncheck
+      run: go install golang.org/x/vuln/cmd/govulncheck@latest
+      shell: bash
+    - name: Run govulncheck
+      run: govulncheck ./...
+      shell: bash
 
   semgrep-static-code-analysis:
     name: "semgrep checks"