build(deps): bump github.com/securego/gosec/v2 from 5f0084eb01a9 to 81cda2f91fbe

[ldez]

This PR is related to #4906 (and #4904), the analyzers (G602, G115) can be filtered now.

The rules G115, G405, G406, G506, and G507 are added (kind of side effect of the update).

securego/gosec@5f0084e...81cda2f

The update is done by hand because gosec is not released yet and we already use a pseudo version because of #4748.

Note: exclusions are defined inside the configuration due to the compatibility requirements with the previous version of golangci-lint inside our tests.

[ldez]

I will merge this PR to avoid regressions related to G602.

[ldemailly]

my CI started failing (despited pinned action
golangci/golangci-lint-action@aaa42aa )
with fun stuff like

 G115: integer overflow conversion uint8 -> int64 (gosec)
		return object.Integer{Value: int64(str[idx])}
		                                  ^

how is uint8 overflowing an int64 !?

filled at securego/gosec#1185

[ldez]

This update was required to be able to disable G602 and G115 inside the configuration.

I know that technically this update adds new rules but this was required to fix a bug.
The bug was that G602 and G115 could not be enabled/disabled but they were documented inside golangci-lint.

The rule is from gosec, so it's better to discuss it with gosec.

You can also just disable this rule:

linters-settings:
  gosec:
    excludes:
      - G115

[ldemailly]

I did file the issue with them( securego/gosec#1185 ), so I guess I should add

with:
  version: v1.60.1

(or whichever version) to the action to avoid it being latest ?

thx