From 4c14fba45dc2327c38254ee4c4ff29d75589e4d5 Mon Sep 17 00:00:00 2001
From: Robin Hahling <robin.hahling@gw-computing.net>
Date: Wed, 2 Aug 2023 14:34:30 +0200
Subject: [PATCH] ci: run govulncheck to find vulnerable dependencies

Signed-off-by: Robin Hahling <robin.hahling@gw-computing.net>
---
 .github/workflows/build.yaml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 4d63d619..de9795ec 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -31,6 +31,11 @@ jobs:
           # see https://github.com/golangci/golangci-lint-action/issues/119#issuecomment-981090648 for output
           args: --config=.golangci.yml --verbose --out-${NO_FUTURE}format colored-line-number
           skip-cache: true
+      - name: govulncheck
+        uses: golang/govulncheck-action@dd3ead030e4f2cf713062f7a3395191802364e13
+        with:
+          go-version: '1.20.7'
+          go-package: './...'
       - name: Build
         run: |
           go build ./...