Merge pull request #400 from ivpn/dependabot/github_actions/securego/gosec-2.21.4

stenya · web-flow · commit e40a5185eee2 · 2025-04-02T12:24:53.000+03:00
Bump securego/gosec from 2.20.0 to 2.21.4
diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml
@@ -22,7 +22,7 @@ jobs:
         uses: actions/checkout@v4
       - name: Run Gosec Security Scanner
         #uses: securego/gosec@master 
-        uses: securego/gosec@v2.20.0 #TODO: Use gosec@master. This is temporary because the latest version (2.21.1) has SARIF format compatibility issues with GitHub.
+        uses: securego/gosec@v2.21.4 #TODO: Use gosec@master. This is temporary because the latest version (2.21.1) has SARIF format compatibility issues with GitHub.
         with:
           # we let the report trigger content trigger a failure using the GitHub Security features.
           args: '-exclude=G104,G307 -no-fail -fmt sarif -out results.sarif ./...'
