ci: run govulncheck, semgrep, etc (#627)

* ci: run govulncheck, semgrep, etc

Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>

* fix: error check

---------

Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>

.github/workflows/build.yml

@@ -10,3 +10,16 @@ jobs:
     uses: charmbracelet/meta/.github/workflows/snapshot.yml@main
     secrets:
       goreleaser_key: ${{ secrets.GORELEASER_KEY }}
+
+  govulncheck:
+    uses: charmbracelet/meta/.github/workflows/govulncheck.yml@main
+    with:
+      go-version: stable
+
+  semgrep:
+    uses: charmbracelet/meta/.github/workflows/semgrep.yml@main
+
+  ruleguard:
+    uses: charmbracelet/meta/.github/workflows/ruleguard.yml@main
+    with:
+      go-version: stable

config_cmd.go

@@ -1,7 +1,9 @@
 package main
 
 import (
+	"errors"
 	"fmt"
+	"io/fs"
 	"os"
 	"path"
 	"path/filepath"
@@ -61,7 +63,7 @@ func ensureConfigFile() error {
 		return fmt.Errorf("'%s' is not a supported configuration type: use '%s' or '%s'", ext, ".yaml", ".yml")
 	}
 
-	if _, err := os.Stat(configFile); os.IsNotExist(err) {
+	if _, err := os.Stat(configFile); errors.Is(err, fs.ErrNotExist) {
 		// File doesn't exist yet, create all necessary directories and
 		// write the default config file
 		if err := os.MkdirAll(filepath.Dir(configFile), 0o700); err != nil {

main.go

@@ -4,6 +4,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"io/fs"
 	"net/http"
 	"net/url"
 	"os"
@@ -148,7 +149,7 @@ func validateOptions(cmd *cobra.Command) error {
 	style = viper.GetString("style")
 	if style != glamour.AutoStyle && glamour.DefaultStyles[style] == nil {
 		style = utils.ExpandPath(style)
-		if _, err := os.Stat(style); os.IsNotExist(err) {
+		if _, err := os.Stat(style); errors.Is(err, fs.ErrNotExist) {
 			return fmt.Errorf("Specified style does not exist: %s", style)
 		} else if err != nil {
 			return err