Backport: Make security-check informational only (#36681) (#36852)

Backport #36681 `security-check` (govulncheck) was failing CI on all PRs whenever vulnerabilities existed in dependencies. Since https://github.com/go-gitea/gitea/security/dependabot already surfaces this information, the check should be informational only. - **`Makefile`**: Append `|| true` to the `security-check` target so govulncheck output is preserved but non-zero exits no longer break CI. --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: silverwind <115237+silverwind@users.noreply.github.com>
2026-03-09 18:45:51 +00:00 · 2026-03-06 22:53:59 +00:00
parent f7ac507671
commit b3290b62fc
1 changed files with 1 additions and 1 deletions
--- a/2
+++ b/2
@@ -766,7 +766,7 @@ generate-go: $(TAGS_PREREQ)

 .PHONY: security-check
 security-check:
-	go run $(GOVULNCHECK_PACKAGE) -show color ./...
+	go run $(GOVULNCHECK_PACKAGE) -show color ./... || true

 $(EXECUTABLE): $(GO_SOURCES) $(TAGS_PREREQ)
 ifneq ($(and $(STATIC),$(findstring pam,$(TAGS))),)