Summary
For supply chain security, the Go programming language project produced govulncheck (https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck), which proactively checks code packages for publicly and privately reported vulnerabilities. govulncheck is fed vulnerabilities from a wide variety of sources such as the NVD, MITRE's CVE database, GitHub's GHSA advisory listings and many others.
Problem Definition
This feature is needed to proactively flag vulnerable code and to scalably improve supply chain security; otherwise we remain in a vulnerable position where an attacker can compromise an unaudited dependency downstream.
Proposal
Let's add this to the Makefile that'll get run on every PR.
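As an added example (not from this issue or the project's existing Makefile), a target that installs and runs govulncheck over the whole module, which the PR workflow can invoke with `make vulncheck`. The GOVULNCHECK_VERSION variable name is an assumption; govulncheck exits non-zero when it finds a vulnerability reachable from the code, so the target fails the PR check.

```makefile
# Added example, not the project's own Makefile target.
# GOVULNCHECK_VERSION is a placeholder: pin it to a released tag rather than
# "latest" so every PR run installs the same scanner binary.
GOVULNCHECK_VERSION ?= latest

.PHONY: vulncheck
vulncheck:
	@echo "--> Running govulncheck"
	@go install golang.org/x/vuln/cmd/govulncheck@$(GOVULNCHECK_VERSION)
	@govulncheck ./...
```

Add `-test` to the govulncheck invocation if test-only dependencies should be scanned as well.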
Kindly FYI-ing @elias-orijtech @tac0turtle @thanethomson