From 9079285d10083a8c5a01bc9a10a7737e03a27874 Mon Sep 17 00:00:00 2001
From: mkelcik
Date: Fri, 28 Apr 2023 23:23:24 +0200
Subject: [PATCH] add dependency check
---
 .github/workflows/quality-checks.yml | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml
index 27dc33a..125fcb3 100644
--- a/.github/workflows/quality-checks.yml
+++ b/.github/workflows/quality-checks.yml
@@ -21,8 +21,28 @@ jobs:
 uses: golangci/golangci-lint-action@v3
 with:
 version: latest
+
+ dep-vulnerability:
+ name: Dependency vulnerability scan
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ - name: Prepare go environment
+ uses: actions/setup-go@v4
+ with:
+ go-version: '1.20'
+ cache: false
+ - name: Install dep scanner
+ run: |
+ go install golang.org/x/vuln/cmd/govulncheck@latest
+ - name: Vendoring
+ run: |
+ go mod vendor
+ - name: Check
+ run: |
+ govulncheck ./...
 tests:
- name: Test
+ name: Tests
 runs-on: ubuntu-latest
 steps:
 - uses: actions/checkout@v3
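Review bot: The `Install dep scanner` step installs `govulncheck@latest`, so every run executes whatever version is current on that module path, and a new scanner release can change the job's result without any change in this repository. Pin it, e.g. `go install golang.org/x/vuln/cmd/govulncheck@<pinned-version>`, and bump the version deliberately. The workflow's `on:` triggers are outside this hunk; if the job only runs on push or pull request, advisories published after the last commit go unreported until the next one, so a `schedule:` trigger for this job is worth adding. The `Vendoring` step would benefit from a one-line comment saying why the scan needs `go mod vendor` first, since the hunk shows no reason for it.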