.github/workflows: dynamic Go versions in vuln workflow (#2800)

Swap from hard coded versions of go to dynamically acquiring
the latest stable versions from https://go.dev/dl/?mode=json

Closes #2573

.github/workflows/vuln.yml

@@ -3,11 +3,27 @@ name: Vulnerability Check
 on: [push, pull_request]
 
 jobs:
+  go-versions:
+    name: Get stable Go versions
+    runs-on: ubuntu-latest
+    outputs:
+      version-list: ${{ steps.go-dev-stable-versions.outputs.version-list }}
+    steps:
+      - name: List the latest stable versions of Go
+        id: go-dev-stable-versions
+        run: |
+          versions_json=$(curl -s https://go.dev/dl/?mode=json | jq '.[].version' | sed -e 's/^"go/"/' | jq -s -c '.')
+          echo "version-list=$versions_json" >> $GITHUB_OUTPUT
+
+      - name: Notify on go-dev-stable-versions
+        run: echo "::notice::version-list is ${{ steps.go-dev-stable-versions.outputs.version-list }}"
+
   test:
+    needs: [go-versions]
     strategy:
       matrix:
         os: [ubuntu-latest, macos-latest, windows-latest]
-        go: ['1.20.7', '1.21.0']
+        go: ${{ fromJson(needs.go-versions.outputs.version-list) }}
     name: Vulnerability Check with Go ${{ matrix.go }} on ${{ matrix.os }}
     runs-on: ${{ matrix.os }}
     env: