ci: Download gitleaks binary, use python3 -m pip for flawfinder

.gitea/workflows/lint.yml

@@ -34,11 +34,9 @@ jobs:
           git clone --depth=1 --branch=${{ github.ref_name }} \
             https://oauth2:${{ github.token }}@git.mymx.me/${{ github.repository }}.git .
 
-      - name: Install flawfinder
+      - name: Install and run flawfinder
-        run: pip install --user flawfinder
-
-      - name: Run flawfinder
         run: |
+          python3 -m pip install --user flawfinder
           ~/.local/bin/flawfinder --minlevel=2 --error-level=4 \
             get-started/csi_recv_router/main/
 
@@ -51,8 +49,13 @@ jobs:
           git clone --branch=${{ github.ref_name }} \
             https://oauth2:${{ github.token }}@git.mymx.me/${{ github.repository }}.git .
 
-      - name: Run gitleaks
+      - name: Install and run gitleaks
-        run: gitleaks detect --source . --verbose --redact
+        run: |
+          GITLEAKS_VERSION="8.18.4"
+          curl -sSL "https://github.com/gitleaks/gitleaks/releases/download/v${GITLEAKS_VERSION}/gitleaks_${GITLEAKS_VERSION}_linux_x64.tar.gz" \
+            -o /tmp/gitleaks.tar.gz
+          tar -xzf /tmp/gitleaks.tar.gz -C /tmp gitleaks
+          /tmp/gitleaks detect --source . --verbose --redact
 
   shellcheck:
     name: Shell Script Analysis