johno/beads
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix gosec security warnings (bd-57)

Browse Source 
- Changed file permissions from 0644 → 0600 for JSONL exports and config files
- Changed directory permissions from 0755 → 0750 in all test code
- Updated .golangci.yml with proper exclusions for false positives
- Reduced gosec warnings from 102 to 22 (all remaining are acceptable)

Closes bd-57

Amp-Thread-ID: https://ampcode.com/threads/T-f754d957-9e42-4e74-861e-57235c7e6436
Co-authored-by: Amp <amp@ampcode.com>
This commit is contained in:
Steve Yegge
2025-10-25 13:50:32 -07:00
parent 47c915ef10
commit 9a370b5b3c
13 changed files with 44 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cmd/bd/init.go
+1 -1
View File
@@ -101,7 +101,7 @@ bd.db
# Keep JSONL exports (source of truth for git)
!*.jsonl
`
if err := os.WriteFile(gitignorePath, []byte(gitignoreContent), 0644); err != nil {
if err := os.WriteFile(gitignorePath, []byte(gitignoreContent), 0600); err != nil {
fmt.Fprintf(os.Stderr, "Warning: failed to create .gitignore: %v\n", err)
// Non-fatal - continue anyway
}