add gosec (3rd sast tool)

scripts/config_sast.sh

@@ -15,3 +15,16 @@ curl -sfL https://raw.githubusercontent.com/Bearer/bearer/main/contrib/install.s
 
 echo "Установка golangci-lint"
 curl -sSfL https://golangci-lint.run/install.sh | sh -s v2.11.2
+
+echo "Установка gosec"
+mkdir -p bin
+cd bin
+curl -L -o gosec.tar.gz https://github.com/securego/gosec/releases/download/v2.24.7/gosec_2.24.7_linux_amd64.tar.gz
+mkdir -p gosec_download
+tar -xzf gosec.tar.gz -C gosec_download
+mv gosec_download/gosec .
+rm -f gosec.tar.gz
+rm -rf gosec_download
+chmod +x ./gosec
+
+echo "Бинарники анализаторов установлены в ./bin"

scripts/run_sast.sh

@@ -9,4 +9,7 @@ echo "Запуск bearer"
 echo "Запуск golangci-lint"
 ./bin/golangci-lint run > sast_results/golangci-lint.txt
 
+echo "Запуск gosec"
+./bin/gosec -out sast_results/gosec.txt ./...
+
 echo "Анализ завершён, результаты в sast_results"