.github/workflows: separate the vulnerability check to vuln.yml

.github/workflows/test.yml

@@ -71,10 +71,6 @@ jobs:
           (cd .github/workflows/vettools; go install .)
           go vet -vettool=$(which vettools)${{ startsWith(matrix.os, 'windows-') && '.exe' || '' }} -tags=example -v ./...
 
-      - name: govulncheck
-        run: |
-          go run golang.org/x/vuln/cmd/govulncheck@latest -tags=example ./...
-
       - name: go build
         run: |
           go build -tags=example -v ./...

.github/workflows/vuln.yml

@@ -0,0 +1,43 @@
+name: Vulnerability Check
+
+on: [push, pull_request]
+
+jobs:
+  test:
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+        go: ['1.18.8', '1.19.3']
+    name: Vulnerability Check with Go ${{ matrix.go }} on ${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+    env:
+      DISPLAY: ':99.0'
+    defaults:
+      run:
+        shell: bash
+    steps:
+      - name: Git
+        run: |
+          # See actions/checkout#135
+          git config --global core.autocrlf false
+          git config --global core.eol lf
+
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Setup Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: ${{ matrix.go }}
+          cache: true
+
+      - name: Install dependencies
+        if: ${{ startsWith(matrix.os, 'ubuntu-') }}
+        run: |
+          sudo apt-get update
+          sudo apt-get install libasound2-dev libgl1-mesa-dev libxcursor-dev libxi-dev libxinerama-dev libxrandr-dev libxxf86vm-dev
+
+      - name: govulncheck
+        run: |
+          go run golang.org/x/vuln/cmd/govulncheck@latest -tags=example ./...
+          env GOOS=js GOARCH=wasm go run golang.org/x/vuln/cmd/govulncheck@latest -tags=example ./...