diff --git a/.github/workflows/ci.py b/.github/workflows/ci.py
index e856c315e..6c1fe41dc 100644
--- a/.github/workflows/ci.py
+++ b/.github/workflows/ci.py
@@ -270,10 +270,8 @@ def main() -> None:
         test_kitty()
     elif action == 'govulncheck':
         subprocess.check_call(['go', 'install', 'golang.org/x/vuln/cmd/govulncheck@latest'])
-        with open('govulncheck.sarif', 'wb') as f:
-            subprocess.check_call(['govulncheck', '-format', 'sarif', './...'], stdout=f)
-        with open('govulncheck.sarif') as f:
-            print(f.read())
+        subprocess.check_call(['govulncheck', '-mode=binary', 'kitty/launcher/kitten'])
+        subprocess.check_call(['govulncheck', './...'])
     elif action == 'gofmt':
         q = subprocess.check_output('gofmt -s -l tools kittens'.split()).decode()
         if q.strip():
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index b77fe919c..0c2860d9f 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -68,10 +68,3 @@ jobs:
         - name: Run govulncheck
           if: matrix.language == 'go'
           run: python3 .github/workflows/ci.py govulncheck
-
-        - name: Upload govulncheck results
-          if: matrix.language == 'go'
-          uses: github/codeql-action/upload-sarif@v3
-          with:
-              sarif_file: govulncheck.sarif
-              category: govulncheck