Introduce OSV scanning workflow

.github/workflows/osv-scan.yaml

@@ -0,0 +1,26 @@
+name: OSV Scan
+
+on: push
+
+jobs:
+  extract-deps:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: "upload Cargo.lock"
+        uses: actions/upload-artifact@v4
+        with:
+          name: cargo-lock
+          path: Cargo.lock
+          retention-days: 2
+  vuln-scan:
+    name: Vulnerability scanning
+    needs: extract-deps
+    uses: "google/osv-scanner-action/.github/workflows/[email protected]"
+    with:
+      download-artifact: cargo-lock
+      scan-args: |-
+        --lockfile=Cargo.lock
+    permissions:
+      security-events: write
+      contents: read

.gitignore

@@ -3,19 +3,13 @@
 debug/
 target/
 
-# Remove Cargo.lock from gitignore if creating an executable, leave it for libraries
-# More information here https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html
-Cargo.lock
-
 # These are backup files generated by rustfmt
 **/*.rs.bk
 
 # MSVC Windows builds of rustc generate these, which store debugging information
 *.pdb
 
-
 # Added by cargo
-
 /target
 .idea/
 .DS_Store