osv scanner fix #22

	name: govulncheck

	on:
	workflow_dispatch: {}
	push:
	branches:
	- main
	- master
	paths:
	- "*/.go"
	- go.mod
	- go.sum
	- .github/workflows/govulncheck.yml

	jobs:
	govulncheck:
	runs-on: ubuntu-latest
	permissions:
	contents: read
	statuses: write
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-go@v5
	with:
	go-version-file: go.mod
	- name: Ensure optional Make env file exists
	run: touch .env
	- name: Run govulncheck via Makefile target
	run: make security-govulncheck

	- name: Report status to commit SHA
	if: always() && github.event_name == 'workflow_dispatch'
	env:
	GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	STATE: ${{ job.status == 'success' && 'success' \|\| 'failure' }}
	run: \|
	gh api \
	--method POST \
	repos/${{ github.repository }}/statuses/${{ github.sha }} \
	-f state="$STATE" \
	-f context="govulncheck" \
	-f description="govulncheck completed with status: $STATE" \
	-f target_url="https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"

Provide feedback