Include vulncheck in make

no dependency on thirdparty actions

- Get latest go version
- No vulncheck in `make build`

.github/workflows/vulncheck.yml

@@ -10,8 +10,19 @@ jobs:
   vulncheck:
     name: Analysis
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        go-version: [ 1.18, 1.19 ]
     steps:
     - name: Check out code into the Go module directory
       uses: actions/checkout@v3
-    - name: Check for vulnerabilities
-      uses: kmulvey/govulncheck-action@v1.0.0
+    - uses: actions/setup-go@v3
+      with:
+        go-version: ${{ matrix.go-version }}
+        check-latest: true
+    - name: Get govulncheck
+      run: go install golang.org/x/vuln/cmd/govulncheck@latest
+      shell: bash
+    - name: Run govulncheck
+      run: govulncheck ./...
+      shell: bash

Makefile

@@ -27,7 +27,10 @@ all: build
 getdeps:
 	@echo "Checking dependencies"
 	@mkdir -p ${GOPATH}/bin
-	@echo "Installing golangci-lint" && go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.49.0
+	@echo "Installing golangci-lint" && \
+		go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.49.0 && \
+		echo "Installing govulncheck" && \
+		go install golang.org/x/vuln/cmd/govulncheck@latest
 
 verify: getdeps govet gotest lint
 
@@ -51,6 +54,9 @@ govet:
 gotest:
 	@go test -race ./...
 
+vulncheck:
+	@${GOPATH}/bin/govulncheck ./...
+
 clean:
 	@echo "Cleaning up all the generated files"
 	@find . -name '*.test' | xargs rm -fv