From fd687a917ac33e4c7e85442d6b80ecc36ca2ec2e Mon Sep 17 00:00:00 2001
From: Siu Wa Wu <siwu@redhat.com>
Date: Fri, 5 Jun 2026 17:13:48 +1000
Subject: [PATCH] use GOPATH for scan

---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index e62c7165..3a45230a 100644
--- a/Makefile
+++ b/Makefile
@@ -122,7 +122,7 @@ ensure-govulncheck:
 	@ls $(GOPATH)/bin/govulncheck 1>/dev/null || go install golang.org/x/vuln/cmd/govulncheck@${GOVULNCHECK_VERSION}
 
 scan: ensure-govulncheck
-	@output=$$(govulncheck ./... 2>&1); \
+	@output=$$($(GOPATH)/bin/govulncheck ./... 2>&1); \
 	echo "$$output"; \
 	if echo "$$output" | grep -q "Vulnerability"; then \
 		echo "Note: Detected vulnerabilities (non-blocking for now). Consider updating vulnerable Go packages to their fixed versions."; \