Inspect source code for security issues

Author: soumeh01

.github/workflows/test.yml

@@ -67,6 +67,20 @@ jobs:
         run: |
           make format-check
 
+  gosec:
+    runs-on: ubuntu-latest
+    env:
+      GO111MODULE: on
+
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - name: Run Gosec Security Scanner
+        uses: securego/gosec@e0cca6fe95306b7e7790d6f1bf6a7bec6d622459 # v2.22.0
+        with:
+          args: '-severity high -exclude-dir=testdata -exclude=*_test.go ./...'
+
   vulnerability-check:
     name: "Vulnerability check"
     runs-on: ubuntu-latest

cmd/utils/utils.go

@@ -118,7 +118,8 @@ func DownloadFile(URL string, timeout int) (string, error) {
 	// For now, skip insecure HTTPS downloads verification only for localhost
 	var tls tls.Config
 	if strings.Contains(URL, "https://127.0.0.1") {
-		tls.InsecureSkipVerify = true //nolint:gosec
+		// #nosec G402
+		tls.InsecureSkipVerify = true
 	} else {
 		tls.InsecureSkipVerify = false
 	}