修复：GitHub Actions 中 gosec 安装问题

zy84338719 · zy84338719 · commit 81fce1cbce55 · 2025-08-31T04:12:35.000+08:00
- 替换失败的 go install 方式为二进制下载
- 使用 GitHub API 获取最新版本号
- 确保在 CI 环境中能够正常安装 gosec 安全扫描工具
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -161,8 +161,12 @@ jobs:
 
     - name: Run Gosec Security Scanner
       run: |
-        go install github.com/securecodewarrior/gosec/v2/cmd/gosec@latest
-        gosec -fmt json -out gosec-report.json ./...
+        # 下载并安装 gosec 二进制文件
+        GOSEC_VERSION=$(curl -s "https://api.github.com/repos/securecodewarrior/gosec/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')
+        wget "https://github.com/securecodewarrior/gosec/releases/download/${GOSEC_VERSION}/gosec_${GOSEC_VERSION#v}_linux_amd64.tar.gz"
+        tar -xzf "gosec_${GOSEC_VERSION#v}_linux_amd64.tar.gz"
+        chmod +x gosec
+        ./gosec -fmt json -out gosec-report.json ./...
 
     - name: Upload Gosec report
       uses: actions/upload-artifact@v4
