Submit govulncheck results to GitHub Code Scanning

cbandy · cbandy · commit 92f035e6a88a · 2025-01-14T17:03:09.000Z
The SARIF results from govulncheck should be compatible with GitHub since v1.1.4. See: https://github.com/golang/vuln/releases/tag/v1.1.4
diff --git a/.github/workflows/govulncheck.yaml b/.github/workflows/govulncheck.yaml
@@ -38,8 +38,6 @@ jobs:
         uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: 'govulncheck-results.sarif'
-        # TODO: https://go.dev/issue/70157
-        if: ${{ false }}
 
       # Print any detected vulnerabilities to the workflow log. This step fails
       # when the tool detects a vulnerability in code that is called.
