Merge pull request #675 from wucm667/fix/gosec-timeout-exclude-ent-dir

fix(ci): 修复 gosec 扫描因 ent 生成代码导致超时的问题

Merge pull request #675 from wucm667/fix/gosec-timeout-exclude-ent-dir
fix(ci): 修复 gosec 扫描因 ent 生成代码导致超时的问题
bfc7b339 · Wesley Liddick · GitHub · 3bae5250 · f30f8905 · bfc7b339
Unverified Commit bfc7b339 authored Feb 28, 2026 by Wesley Liddick Committed by GitHub Feb 28, 2026
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -12,6 +12,7 @@ permissions:
 jobs:
  backend-security:
    runs-on: ubuntu-latest
+    timeout-minutes: 15
    steps:
      - uses: actions/checkout@v4
      - name: Set up Go
@@ -32,7 +33,8 @@ jobs:
        working-directory: backend
        run: |
          go install github.com/securego/gosec/v2/cmd/gosec@latest
-          gosec -conf .gosec.json -severity high -confidence high ./...
+          # exclude ent/ — auto-generated ORM code, not subject to manual security review
+          gosec -conf .gosec.json -severity high -confidence high -exclude-dir=ent ./...
  frontend-security:
    runs-on: ubuntu-latest