fix(lint): add nolint comments for gosec G201/G104 in dolt storage

The SQL formatting warnings (G201) are safe because:
- Placeholders only contain "?" markers for parameterized queries
- WHERE/SET clauses use validated column names with ? placeholders
- Refs are validated by validateRef() before use in AS OF queries
- LIMIT values are safe integers from filter.Limit

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
beads/crew/dave
2026-01-15 11:42:05 -08:00
committed by Steve Yegge
parent fe67e9e232
commit 28a7f10955
9 changed files with 18 additions and 7 deletions


@@ -137,6 +137,7 @@ func (t *doltTransaction) UpdateIssue(ctx context.Context, id string, updates ma
}
args = append(args, id)
// nolint:gosec // G201: setClauses contains only column names (e.g. "status = ?"), actual values passed via args
query := fmt.Sprintf("UPDATE issues SET %s WHERE id = ?", strings.Join(setClauses, ", "))
_, err := t.tx.ExecContext(ctx, query, args...)
return err
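Review bot: The suppression on the `fmt.Sprintf` line rests on `setClauses` holding only fixed column names, but the code that builds it from `updates` starts above this hunk, so the claim cannot be checked from here. If the map keys reach `setClauses` without an allowlist lookup, the G201 finding is real and the nolint hides it. I would make the comment name the check it relies on, for example `//nolint:gosec // G201: setClauses is built only from keys accepted by <allowlist check>; values are bound via args`. Writing the directive without the space after `//` also keeps it in the machine-readable form that nolintlint expects.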