From 0ccfc64eb485b3a32bc29d46324cbecac0f95329 Mon Sep 17 00:00:00 2001
From: ale8k <alexjkilroy@gmail.com>
Date: Fri, 4 Oct 2024 13:24:16 +0100
Subject: [PATCH] No longer checkout and specify go.mod for install from govuln

---
 .github/actions/security-scan-upload/action.yaml | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/.github/actions/security-scan-upload/action.yaml b/.github/actions/security-scan-upload/action.yaml
index 2c5345d..a495da0 100644
--- a/.github/actions/security-scan-upload/action.yaml
+++ b/.github/actions/security-scan-upload/action.yaml
@@ -35,11 +35,6 @@ runs:
           echo "  upload-sarif-artifact: ${{ inputs.upload-sarif-artifact }}"
           exit 1
         fi
-
-    - name: Setup Go
-      uses: actions/setup-go@v5
-      with:
-        go-version-file: go.mod
     
     #########
     # Trivy #
@@ -75,6 +70,8 @@ runs:
       with:
         output-format: 'sarif'
         output-file: 'govuln-results.sarif'
+        go-version-file: go.mod
+        repo-checkout: false
 
     - name: Upload govuln scan results as artifact
       uses: actions/upload-artifact@v3