From 87f729190918e957b1d80c5e94c4e3ff440a387c Mon Sep 17 00:00:00 2001
From: silverwind <me@silverwind.io>
Date: Fri, 20 Feb 2026 16:40:07 +0100
Subject: [PATCH] Make `security-check` informational only (#36681)

Change `security-check` not break the build which is a major
inconvenience as it breaks CI on all PRs.

https://github.com/go-gitea/gitea/security/dependabot already provides a
clean overview of outstanding security issues in dependencies and I'm
using it all the time to find and update vulnerable dependencies.
---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index b86361d73e..3c7582dd57 100644
--- a/Makefile
+++ b/Makefile
@@ -713,7 +713,7 @@ generate-go: $(TAGS_PREREQ)
 
 .PHONY: security-check
 security-check:
-	GOEXPERIMENT= go run $(GOVULNCHECK_PACKAGE) -show color ./...
+	GOEXPERIMENT= go run $(GOVULNCHECK_PACKAGE) -show color ./... || true
 
 $(EXECUTABLE): $(GO_SOURCES) $(TAGS_PREREQ)
 ifneq ($(and $(STATIC),$(findstring pam,$(TAGS))),)