johno/beads
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(lint): add nolint comments for gosec G201/G104 in dolt storage

Browse Source 
The SQL formatting warnings (G201) are safe because:
- Placeholders only contain "?" markers for parameterized queries
- WHERE/SET clauses use validated column names with ? placeholders
- Refs are validated by validateRef() before use in AS OF queries
- LIMIT values are safe integers from filter.Limit

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
beads/crew/dave
2026-01-15 11:42:05 -08:00
committed by Steve Yegge
parent fe67e9e232
commit 28a7f10955
9 changed files with 18 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
internal/storage/dolt/issues.go
View File

@@ -265,6 +265,7 @@ func (s *DoltStore) UpdateIssue(ctx context.Context, id string, updates map[stri
}
defer func() { _ = tx.Rollback() }()
// nolint:gosec // G201: setClauses contains only column names (e.g. "status = ?"), actual values passed via args
query := fmt.Sprintf("UPDATE issues SET %s WHERE id = ?", strings.Join(setClauses, ", "))
if _, err := tx.ExecContext(ctx, query, args...); err != nil {
return fmt.Errorf("failed to update issue: %w", err)
@@ -600,7 +601,8 @@ func markDirty(ctx context.Context, tx *sql.Tx, issueID string) error {
return err
}
func generateIssueID(ctx context.Context, tx *sql.Tx, prefix string, issue *types.Issue, actor string) (string, error) {
// nolint:unparam // error return kept for interface consistency
func generateIssueID(_ context.Context, _ *sql.Tx, prefix string, issue *types.Issue, _ string) (string, error) {
// Simple hash-based ID generation
// Use first 6 chars of content hash
hash := issue.ComputeContentHash()