Welcome to Golang Bridge 
.
Generally speaking, I will investigate all warnings and reports from gosec with honest-to-goodness root cause reasoning. However, for this case, there are still some questionable aspects. The next few steps are crucial:
- Upgrade your toolkit to the latest version and check its reproducible state.
1.1. gosec is currently2.5.0(https://github.com/securego/gosec)
1.2. Go is currently1.15.6(Go 1.15.6 and Go 1.14.13 are released) - If they are reproducible, raise an issue ticket with
gosecteam first as “QUESTION” with the latest tools’ result. They will answer your query relatively fast. - If their advice is to contact the Go development team, you can send an email to https://groups.google.com/forum/#!forum/golang-nuts before raising a ticket in golang’s Github. Then, follow the Go core developers’ advice from there (if they ask you to raise the ticket, you may proceed).
There is nothing much we can do here aside answering Go programming queries.
If the above is too much, you might consider using other terminal packages from golang.org/x extended packages.