From b3290b62fcdd8430be3d1d299e1e68d43abbebae Mon Sep 17 00:00:00 2001
From: Copilot <198982749+Copilot@users.noreply.github.com>
Date: Fri, 6 Mar 2026 22:53:59 +0000
Subject: [PATCH] Backport: Make `security-check` informational only (#36681)
 (#36852)

Backport #36681

`security-check` (govulncheck) was failing CI on all PRs whenever
vulnerabilities existed in dependencies. Since
https://github.com/go-gitea/gitea/security/dependabot already surfaces
this information, the check should be informational only.

- **`Makefile`**: Append `|| true` to the `security-check` target so
govulncheck output is preserved but non-zero exits no longer break CI.

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: silverwind <115237+silverwind@users.noreply.github.com>
---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index be3e723db0..b381f51078 100644
--- a/Makefile
+++ b/Makefile
@@ -766,7 +766,7 @@ generate-go: $(TAGS_PREREQ)
 
 .PHONY: security-check
 security-check:
-	go run $(GOVULNCHECK_PACKAGE) -show color ./...
+	go run $(GOVULNCHECK_PACKAGE) -show color ./... || true
 
 $(EXECUTABLE): $(GO_SOURCES) $(TAGS_PREREQ)
 ifneq ($(and $(STATIC),$(findstring pam,$(TAGS))),)