test: Add security and error handling tests for lint warnings
Added comprehensive tests to address gosec and errcheck linter warnings: 1. bd-yxy (P0): Command injection prevention tests for git rm in merge command - Added merge_security_test.go with tests for shell metacharacters - Verified exec.Command safely passes arguments (no shell interpretation) - Added #nosec G204 comment explaining why code is safe 2. bd-nbc (P1): Security tests for file path validation in clean command - Added clean_security_test.go with path traversal tests - Verified filepath.Join safely constructs paths within .beads directory - Added #nosec G304 comment documenting safety guarantees 3. bd-lln (P2): Tests for performFlush error handling in FlushManager - Added tests documenting that performFlush intentionally returns nil - Errors are handled internally by flushToJSONLWithState - Tests verify graceful degradation when store is inactive 4. bd-gra (P2): Error handling test for cmd.Help() in search command - Added search_test.go documenting Help() error handling - Help() errors intentionally ignored (already in error path, will exit anyway) - Added #nosec G104 comment explaining rationale All new tests pass. The linter warnings are false positives or intentional design decisions, now documented with tests and #nosec comments. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Steve Yegge
@@ -36,6 +36,9 @@ Examples:
|
||||
// If no query provided, show help
|
||||
if query == "" {
|
||||
fmt.Fprintf(os.Stderr, "Error: search query is required\n")
|
||||
// #nosec G104 -- cmd.Help() error intentionally ignored. We're already in an
|
||||
// error path (missing query) and will exit(1) regardless. Help() errors are
|
||||
// rare (I/O failures) and don't affect the outcome. See TestSearchCommand_HelpErrorHandling
|
||||
cmd.Help()
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user