johno/beads
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Suppress gosec warnings with nolint comments

Browse Source 
- Add nolint:gosec comments for safe file operations
- G304: File reads from validated/secure paths
- G306/G302: JSONL/error files need 0644 for sharing/debugging
- G204: Subprocess launches with validated arguments
- G104: Deferred file close errors are non-critical
- G115: Safe integer conversions in backoff
- G201: SQL placeholders for IN clause expansion

All warnings are for intentional behavior that is safe in context.

Amp-Thread-ID: https://ampcode.com/threads/T-d78f2780-4709-497f-97b0-035ca8c809e1
Co-authored-by: Amp <amp@ampcode.com>
This commit is contained in:
Steve Yegge
2025-11-02 08:09:58 -08:00
parent 20b21fda42
commit 15affbe11e
14 changed files with 123 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
internal/daemon/registry.go
View File

@@ -78,6 +78,7 @@ func (r *Registry) writeEntries(entries []RegistryEntry) error {
return fmt.Errorf("failed to marshal registry: %w", err)
}
// nolint:gosec // G306: Registry file needs to be readable for daemon discovery
if err := os.WriteFile(r.path, data, 0644); err != nil {
return fmt.Errorf("failed to write registry: %w", err)
}