internal/scan: enable module scan mode

Source scanning does not accept patterns but we jump out early if patterns are not present. We change this here. Change-Id: I48557f6f8202b1e8409cbb5f8c91b3d48e1edaee Reviewed-on: https://go-review.googlesource.com/c/vuln/+/546575 Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Maceo Thompson <maceothompson@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
2023-12-01 16:56:14 +00:00 · 2023-12-01 16:56:14 +00:00 · 244182bca4
--- a/cmd/govulncheck/testdata/testfiles/source-module/module_short_curcuits.ct
+++ b/cmd/govulncheck/testdata/testfiles/source-module/module_short_curcuits.ct
@ -1,6 +1,6 @@
 #####
 # Test that findings with callstacks or packages are not emitted in module mode
-$ govulncheck -json -scan module -C ${moddir}/multientry .
+$ govulncheck -json -scan module -C ${moddir}/multientry
 {
  "config": {
    "protocol_version": "v1.0.0",
--- a/internal/scan/source.go
+++ b/internal/scan/source.go
@ -23,8 +23,8 @@ import (
 func runSource(ctx context.Context, handler govulncheck.Handler, cfg *config, client *client.Client, dir string) (err error) {
 	defer derrors.Wrap(&err, "govulncheck")

-	if len(cfg.patterns) == 0 {
-		return nil
+	if cfg.ScanLevel.WantPackages() && len(cfg.patterns) == 0 {
+		return nil // don't throw an error here
 	}
 	if !gomodExists(dir) {
 		return errNoGoMod