cherry-pick(release-v1.4.x): Bump securego/gosec from 2.18.1 to 2.18.2

[service-binding-operator-bot]

Bumps securego/gosec from 2.18.1 to 2.18.2.

Release notes

Sourced from securego/gosec's releases.

v2.18.2

Changelog

• 55d7949 Disable dot-imports in revive linter
• 4656817 chore(deps): update module github.com/onsi/gomega to v1.28.1
• 5567ac4 Run the gosec with data race detector active during tests
• a239758 Fix data race in the analyzer
• c06903a Fix test that checks the overriden nosec directive
• bde2619 Clean global state in flgs tests
• e108c56 Format the file
• e298388 Update README with details which describe the current behaviour of #nosec
• d8a6d35 Ensure the ignores are parsed before analysing the package
• 7846db0 chore(deps): update all dependencies
• 8e0cf8c Update gosec to version 2.18.1 in the action
• 6b12a71 Update cosign version to v2.2.0

Commits

• 55d7949 Disable dot-imports in revive linter
• 4656817 chore(deps): update module github.com/onsi/gomega to v1.28.1
• 5567ac4 Run the gosec with data race detector active during tests
• a239758 Fix data race in the analyzer
• c06903a Fix test that checks the overriden nosec directive
• bde2619 Clean global state in flgs tests
• e108c56 Format the file
• e298388 Update README with details which describe the current behaviour of #nosec
• d8a6d35 Ensure the ignores are parsed before analysing the package
• 7846db0 chore(deps): update all dependencies
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[openshift-ci[bot]]

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/redhat-developer/service-binding-operator/blob/release-v1.4.x/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

[openshift-ci[bot]]

[APPROVALNOTIFIER] This PR is APPROVED

Approval requirements bypassed by manually added approval.

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - **[OWNERS](https://github.com/redhat-developer/service-binding-operator/blob/release-v1.4.x/OWNERS)** Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment

[codecov[bot]]

Codecov Report

Merging #1522 (b3939c1) into release-v1.4.x (755814b) will not change coverage. Report is 1 commits behind head on release-v1.4.x. The diff coverage is n/a.

Additional details and impacted files

[](https://app.codecov.io/gh/redhat-developer/service-binding-operator/pull/1522?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=redhat-developer) ```diff @@ Coverage Diff @@ ## release-v1.4.x #1522 +/- ## =============================================== Coverage 58.16% 58.16% =============================================== Files 35 35 Lines 3014 3014 =============================================== Hits 1753 1753 Misses 1093 1093 Partials 168 168 ``` ------ [Continue to review full report in Codecov by Sentry](https://app.codecov.io/gh/redhat-developer/service-binding-operator/pull/1522?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=redhat-developer). > **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=redhat-developer) > `Δ = absolute (impact)`, `ø = not affected`, `? = missing data` > Powered by [Codecov](https://app.codecov.io/gh/redhat-developer/service-binding-operator/pull/1522?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=redhat-developer). Last update [755814b...b3939c1](https://app.codecov.io/gh/redhat-developer/service-binding-operator/pull/1522?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=redhat-developer). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=redhat-developer).