+govulncheck - Go vulnerability checker (#3805)

* +govulncheck - Go vulnerability checker

* add test

---------

Co-authored-by: Jacob Heider <jacob@pkgx.dev>

projects/go.dev/govulncheck/package.yml

@@ -0,0 +1,63 @@
+distributable:
+  url: https://github.com/golang/vuln/archive/refs/tags/v{{version}}.tar.gz
+  strip-components: 1
+
+versions:
+  github: golang/vuln/tags
+
+provides:
+  - bin/govulncheck
+
+build:
+  dependencies:
+    go.dev: ^1.19
+  script: |
+    go mod download
+    mkdir -p "{{ prefix }}"/bin
+    go build -v -trimpath -ldflags="$LDFLAGS" -o $BUILDLOC ./cmd/govulncheck
+  env:
+    GOPROXY: https://proxy.golang.org,direct
+    GOSUMDB: sum.golang.org
+    GO111MODULE: on
+    CGO_ENABLED: 0
+    BUILDLOC: '{{prefix}}/bin/govulncheck'
+    LDFLAGS:
+      - -s
+      - -w
+    linux:
+      # or segmentation fault
+      # fix found here https://github.com/docker-library/golang/issues/402#issuecomment-982204575
+      LDFLAGS:
+      - -buildmode=pie
+
+test:
+  fixture: |
+    package main
+
+    import (
+            "fmt"
+            "os"
+
+            "golang.org/x/text/language"
+    )
+
+    func main() {
+            for _, arg := range os.Args[1:] {
+                    tag, err := language.Parse(arg)
+                    if err != nil {
+                            fmt.Printf("%s: error: %v\n", arg, err)
+                    } else if tag == language.Und {
+                            fmt.Printf("%s: undefined\n", arg)
+                    } else {
+                            fmt.Printf("%s: tag %s\n", arg, tag)
+                    }
+            }
+    }
+  dependencies:
+    go.dev: ^1.19
+  script:
+    - go mod init vuln.tutorial
+    - cp $FIXTURE main.go
+    - go mod tidy
+    - go get golang.org/x/text@v0.3.5
+    - (govulncheck ./... 2>&1 || true) | grep GO-2021-0113