Added vulnerability check and dependabot workflows (#2)

.github/dependabot.yml

@@ -0,0 +1,20 @@
+version: 2
+updates:
+  - package-ecosystem: gomod
+    directory: /
+    reviewers:
+      - Nikita-Smirnov-Exactpro
+      - OptimumCode
+    labels:
+      - dependencies
+    schedule:
+      interval: daily
+  - package-ecosystem: github-actions
+    directory: /
+    reviewers:
+      - Nikita-Smirnov-Exactpro
+      - OptimumCode
+    labels:
+      - dependencies
+    schedule:
+      interval: daily

.github/workflows/check.yml

@@ -6,10 +6,10 @@ jobs:
   check:
     runs-on: ubuntu-20.04
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Set up Go
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v5
         with:
           go-version: 1.19
 

.github/workflows/vulnerability-check.yml

@@ -0,0 +1,27 @@
+name: Check repository for vulnerabilities
+
+on: [push, workflow_dispatch]
+
+jobs:
+  vulnerabilities:
+    env:
+      report-file: report.txt
+    name: Check vulnerabilities
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: 'stable'
+      - name: Install govulncheck
+        run: go install golang.org/x/vuln/cmd/govulncheck@latest
+      - name: Run check
+        run: govulncheck -show verbose ./... 2>&1 | tee ${{ env.report-file }}
+      - name: Collect report
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: 'govulncheck-report'
+          path: ${{ env.report-file }}
+          overwrite: true