chore(secscan): pin version (#556)

securego/gosec#1220 Signed-off-by: Ettore Di Giacinto <[email protected]>
masa-finance · Sep 17, 2024 · 13e2b2d · 13e2b2d
1 parent 8ba7814
commit 13e2b2d
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/.github/workflows/secscan.yml b/.github/workflows/secscan.yml
@@ -19,7 +19,7 @@ jobs:
         if: ${{ github.actor != 'dependabot[bot]' }}
       - name: Run Gosec Security Scanner
         if: ${{ github.actor != 'dependabot[bot]' }}
-        uses: securego/gosec@master
+        uses: securego/gosec@v2.21.0
         with:
           # we let the report trigger content trigger a failure using the GitHub Security features.
           args: '-no-fail -fmt sarif -out results.sarif ./...'