johno/beads
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Suppress gosec warnings with nolint comments

Browse Source 
- Add nolint:gosec comments for safe file operations
- G304: File reads from validated/secure paths
- G306/G302: JSONL/error files need 0644 for sharing/debugging
- G204: Subprocess launches with validated arguments
- G104: Deferred file close errors are non-critical
- G115: Safe integer conversions in backoff
- G201: SQL placeholders for IN clause expansion

All warnings are for intentional behavior that is safe in context.

Amp-Thread-ID: https://ampcode.com/threads/T-d78f2780-4709-497f-97b0-035ca8c809e1
Co-authored-by: Amp <amp@ampcode.com>
This commit is contained in:
Steve Yegge
2025-11-02 08:09:58 -08:00
parent 20b21fda42
commit 15affbe11e
14 changed files with 123 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cmd/bd/validate.go
View File

@@ -374,6 +374,7 @@ func validateGitConflicts(ctx context.Context, fix bool) checkResult {
// Check JSONL file for conflict markers
jsonlPath := findJSONLPath()
// nolint:gosec // G304: jsonlPath is validated JSONL file from findJSONLPath
data, err := os.ReadFile(jsonlPath)
if err != nil {
if os.IsNotExist(err) {