From 633955031a8ee7546ffcd56286f19e313752579f Mon Sep 17 00:00:00 2001
From: Shahzad Lone <shahzadlone@gmail.com>
Date: Sat, 22 Jul 2023 03:02:29 -0400
Subject: [PATCH] PR: Add workflow to notify vulnerabilities.

This action should fail as we use GoLang v1.19 which does have
vulnerabilities, In the following commits the version will be bumped
and then this action should show no vulnerabilities.
---
 .github/workflows/check-vulnerabilities.yml | 39 +++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 .github/workflows/check-vulnerabilities.yml

diff --git a/.github/workflows/check-vulnerabilities.yml b/.github/workflows/check-vulnerabilities.yml
new file mode 100644
index 0000000000..68362748a2
--- /dev/null
+++ b/.github/workflows/check-vulnerabilities.yml
@@ -0,0 +1,39 @@
+# Copyright 2023 Democratized Data Foundation
+#
+# Use of this software is governed by the Business Source License
+# included in the file licenses/BSL.txt.
+#
+# As of the Change Date specified in that file, in accordance with
+# the Business Source License, use of this software will be governed
+# by the Apache License, Version 2.0, included in the file
+# licenses/APL.txt.
+
+name: Check Vulnerabilities Workflow
+
+on:
+  pull_request:
+    branches:
+      - master
+      - develop
+
+  push:
+    tags:
+      - 'v[0-9]+.[0-9]+.[0-9]+'
+    branches:
+      - master
+      - develop
+
+jobs:
+  check-vulnerabilities:
+    name: Check vulnerabilities job
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Run govulncheck
+        uses: golang/govulncheck-action@v1
+        with:
+          # go-version-input: 1.20.6
+          check-latest: true
+          cache: false
+          go-package: ./...