From 13e2b2dd1b56f4cbba05dcb942338a88b6b72f41 Mon Sep 17 00:00:00 2001
From: Ettore Di Giacinto
Date: Tue, 17 Sep 2024 17:33:28 +0200
Subject: [PATCH] chore(secscan): pin version (#556)
https://github.com/securego/gosec/issues/1220
Signed-off-by: Ettore Di Giacinto
---
 .github/workflows/secscan.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/secscan.yml b/.github/workflows/secscan.yml
index a3415d2c..a61a9204 100644
--- a/.github/workflows/secscan.yml
+++ b/.github/workflows/secscan.yml
@@ -19,7 +19,7 @@ jobs:
 if: ${{ github.actor != 'dependabot[bot]' }}
 - name: Run Gosec Security Scanner
 if: ${{ github.actor != 'dependabot[bot]' }}
- uses: securego/gosec@master
+ uses: securego/gosec@v2.21.0
 with:
 # we let the report trigger content trigger a failure using the GitHub Security features.
 args: '-no-fail -fmt sarif -out results.sarif ./...'
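Review bot: The new `uses: securego/gosec@v2.21.0` line pins to a tag, which the upstream repository can still move, so the workflow is not yet tied to immutable code. Pinning to the full commit SHA with the version as a trailing comment closes that gap: `uses: securego/gosec@<full-commit-sha-for-v2.21.0> # v2.21.0` (placeholder; take the SHA from the upstream release). A one-line comment above the step pointing at the gosec issue named in the commit message would also tell a later maintainer why the step is pinned and when the pin can be revisited. The step list starts outside this hunk, so the job's `permissions` and any SARIF upload step are not visible here.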