Govulncheck reports known vulnerabilities that affect Go code. It uses static analysis of source code or a binary's symbol table to narrow down reports to only those that could affect the application.
By default, govulncheck makes requests to the Go vulnerability database at https://vuln.go.dev. Requests to the vulnerability database contain only module paths, not code or other properties of your program.
Issue To Be Solved
We should automatically check for vulnerabilities that affect Go code.
Suggested Solution
Add GitHub Actions workflow to use govulncheck.
According to govulncheck docs:
More info at: