From 3f55855e8b606bce02af4dfbe5af62c8ee2751d5 Mon Sep 17 00:00:00 2001
From: Kynan Ware <47394200+BagToad@users.noreply.github.com>
Date: Fri, 8 Aug 2025 16:10:22 -0600
Subject: [PATCH] Update govulncheck workflow to scan source code

Changed govulncheck to run on all source files (./...) instead of the built binary. This fixes uploading to GitHub Code Scanning as the location data will be valid, so it will get accepted.
---
 .github/workflows/govulncheck.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/.github/workflows/govulncheck.yml b/.github/workflows/govulncheck.yml
index 42d94077c..abd9c1011 100644
--- a/.github/workflows/govulncheck.yml
+++ b/.github/workflows/govulncheck.yml
@@ -21,8 +21,7 @@ jobs:
 # See https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck#hdr-Exit_codes for more information on exit codes.
 - name: Check Go vulnerabilities
 run: |
- make
- go run golang.org/x/vuln/cmd/govulncheck@d1f380186385b4f64e00313f31743df8e4b89a77 -mode=binary -format sarif bin/gh > gh.sarif
+ go run golang.org/x/vuln/cmd/govulncheck@d1f380186385b4f64e00313f31743df8e4b89a77 -format sarif ./... > gh.sarif
 - name: Upload SARIF report
 uses: github/codeql-action/upload-sarif@9b02dc2f60288b463e7a66e39c78829b62780db7 # 2.22.1
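Review bot: The source-mode scan on the added `go run … -format sarif ./... > gh.sarif` line only analyses the build configuration of the runner (its GOOS/GOARCH and default build tags), so call paths in files constrained to other platforms are not checked. The job header and runner OS sit outside this hunk, so confirm which platform that is. If code built for other targets should be covered, the step could be repeated with `GOOS` set per target, since govulncheck's source mode follows the Go build environment. It would also help to record why source mode is used, so the step is not switched back to `-mode=binary` later, e.g. `# Source mode: Code Scanning only accepts SARIF whose locations map to files in the repo; covers the runner's GOOS/GOARCH only.`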