[deps] Update github.com/securego/gosec from v2.24.7 to v2.25.0

[github-actions]

Summary

Update github.com/securego/gosec/v2 dependency from v2.24.7 to v2.25.0

Current State

• Package: github.com/securego/gosec/v2
• Current Version: v2.24.7
• Proposed Version: v2.25.0
• Update Type: Minor

Why Separate Issue

⚠️ Minor version update with new security rules

• This is a minor version update (v2.24.7 → v2.25.0)
• Likely adds new security linting rules/checks
• May produce new findings in the codebase that require fixing
• Needs individual review and testing to validate no regressions

Safety Assessment

⚠️ Requires careful review

• Minor version update with potential new security rule additions
• New rules may flag existing code, requiring code changes before CI passes
• Review release notes for new checks being added
• Test that the linter still passes: make lint

Links

• gosec v2.25.0 Release
• Package Repository
• [Go Package]((pkg.go.dev/redacted)

Recommended Action

go get github.com/securego/gosec/v2@v2.25.0
go mod tidy

Testing Notes

• Run linting: make lint
• Run unit tests: make test-unit
• Check for new security findings introduced by new rules
• Run: make agent-finish before committing

References:

• §23336463675

Generated by Dependabot Dependency Checker · ◷

• expires on Mar 22, 2026, 9:26 AM UTC

[github-actions]

🍪 Issue Monster has assigned this to Copilot!

I've identified this issue as a good candidate for automated resolution and assigned it to the Copilot coding agent.

The Copilot coding agent will analyze the issue and create a pull request with the fix.

Om nom nom! 🍪

Note

🔒 Integrity filtering filtered 3 items

Integrity filtering activated and filtered the following items during workflow execution.
This happens when a tool call accesses a resource that does not meet the required integrity or secrecy level of the workflow.

• issue:[ca] Update MCP Gateway v0.1.19 → v0.1.20 #21943 (issue_read: Resource 'issue:[ca] Update MCP Gateway v0.1.19 → v0.1.20 #21943' has lower integrity than agent requires. Agent would need to drop integrity tags [unapproved:all approved:all] to trust this resource.)
• issue:[deps] Update golang.org/x/term from v0.40.0 to v0.41.0 #21940 (issue_read: Resource 'issue:[deps] Update golang.org/x/term from v0.40.0 to v0.41.0 #21940' has lower integrity than agent requires. Agent would need to drop integrity tags [unapproved:all approved:all] to trust this resource.)
• issue:[deps] Update golang.org/x/mod from v0.33.0 to v0.34.0 #21939 (issue_read: Resource 'issue:[deps] Update golang.org/x/mod from v0.33.0 to v0.34.0 #21939' has lower integrity than agent requires. Agent would need to drop integrity tags [unapproved:all approved:all] to trust this resource.)

🍪 Om nom nom by Issue Monster · ◷