use official gosec image, it's ready to publish sarif

.github/workflows/security-scan.yml

@@ -62,7 +62,7 @@ jobs:
       - name: Checkout Source
         uses: actions/checkout@v2
       - name: Run Gosec Security Scanner
-        uses: portainer/gosec@fix-sarif-format
+        uses: securego/gosec@master
         with:
           # we let the report trigger content trigger a failure using the GitHub Security features.
           args: "-no-fail -fmt sarif -out results.sarif ./..."