fix(lint): add nolint comments for gosec G201/G104 in dolt storage

The code flagged by the SQL formatting warnings (G201) is safe because:
- Placeholders only contain "?" markers for parameterized queries
- WHERE/SET clauses use validated column names with ? placeholders
- Refs are validated by validateRef() before use in AS OF queries
- LIMIT values are safe integers from filter.Limit

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
beads/crew/dave
2026-01-15 11:42:05 -08:00
committed by Steve Yegge
parent fe67e9e232
commit 28a7f10955
9 changed files with 18 additions and 7 deletions


@@ -134,7 +134,7 @@ func (s *DoltStore) GetIssueAsOf(ctx context.Context, issueID string, ref string
var assignee, owner, contentHash sql.NullString
var estimatedMinutes sql.NullInt64
// Note: AS OF requires literal value, but we've validated ref is safe
// nolint:gosec // G201: ref is validated by validateRef() above - AS OF requires literal
query := fmt.Sprintf(`
SELECT id, content_hash, title, description, status, priority, issue_type, assignee, estimated_minutes,
created_at, created_by, owner, updated_at, closed_at
@@ -216,7 +216,7 @@ func (s *DoltStore) GetIssueDiff(ctx context.Context, issueID, fromRef, toRef st
return nil, fmt.Errorf("invalid toRef: %w", err)
}
// Note: dolt_diff_issues requires literal values, but we've validated refs are safe
// nolint:gosec // G201: refs are validated by validateRef() above - dolt_diff_issues requires literal
query := fmt.Sprintf(`
SELECT
from_id, to_id,
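Review bot: The `// nolint:gosec` directive above each `fmt.Sprintf` (the AS OF query in GetIssueAsOf and the dolt_diff_issues query in GetIssueDiff) silences every gosec rule on that statement, not only G201, so a later edit that interpolates another value into these queries would inherit the suppression without review. The safety of both queries rests entirely on validateRef(), which is not visible in either hunk (only the `invalid toRef` error return is), so the comment should state the invariant it relies on, for example `//nolint:gosec // G201: ref passed validateRef() (restricted character set); AS OF cannot take a ? placeholder`, assuming that is what validateRef enforces. Writing the directive without the space after `//` is the machine-readable form that golangci-lint's nolintlint check expects; if gosec is also run standalone it needs `// #nosec G201`, because it does not read nolint comments. Both function bodies continue outside the hunks.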