Merge pull request #2021 from kubernetes-sigs/dependabot/go_modules/g… #1378

	name: scan_vulns

	on:
	push:
	paths-ignore:
	- "docs/**"
	- "**.md"
	pull_request:
	paths-ignore:
	- "docs/**"
	- "**.md"

	permissions:
	contents: read

	jobs:
	govulncheck:
	name: "Run govulncheck"
	runs-on: ubuntu-22.04
	timeout-minutes: 15
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
	with:
	egress-policy: audit

	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
	with:
	persist-credentials: false
	- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
	with:
	go-version-file: "go.mod"
	check-latest: true
	- uses: golang/govulncheck-action@31f7c5463448f83528bd771c2d978d940080c9fd # v1.0.4

	- name: Golang vulncheck - tools
	uses: golang/govulncheck-action@31f7c5463448f83528bd771c2d978d940080c9fd # v1.0.4
	with:
	repo-checkout: false
	work-dir: hack/tools

Provide feedback