Steve Yegge
74f384444b
test: Add security and error handling tests for lint warnings
Added comprehensive tests to address gosec and errcheck linter warnings:

1. bd-yxy (P0): Command injection prevention tests for git rm in merge command
   - Added merge_security_test.go with tests for shell metacharacters
   - Verified exec.Command safely passes arguments (no shell interpretation)
   - Added #nosec G204 comment explaining why code is safe

2. bd-nbc (P1): Security tests for file path validation in clean command
   - Added clean_security_test.go with path traversal tests
   - Verified filepath.Join safely constructs paths within .beads directory
   - Added #nosec G304 comment documenting safety guarantees

3. bd-lln (P2): Tests for performFlush error handling in FlushManager
   - Added tests documenting that performFlush intentionally returns nil
   - Errors are handled internally by flushToJSONLWithState
   - Tests verify graceful degradation when store is inactive

4. bd-gra (P2): Error handling test for cmd.Help() in search command
   - Added search_test.go documenting Help() error handling
   - Help() errors intentionally ignored (already in error path, will exit anyway)
   - Added #nosec G104 comment explaining rationale

All new tests pass. The linter warnings are false positives or intentional
design decisions, now documented with tests and #nosec comments.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
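
The property item 1 of the commit message tests for, shown as an added example that is not part of the commit or the project's code: a filename handed to `exec.Command` stays one argv element, while the same name spliced into an `sh -c` string would be parsed by a shell. The helper names, the sample filenames and the `--` separator are assumptions made for this illustration; no command is executed.

```go
package main

import (
	"fmt"
	"os/exec"
)

// Constructed sample filenames containing shell metacharacters.
var hostileNames = []string{
	"a.jsonl; echo injected",
	"$(id).jsonl",
	"`id`.jsonl",
	"x && y | z.jsonl",
	"-rf", // no metacharacter, but it looks like an option
}

// unsafeGitRm (hypothetical, for contrast only) splices the name into a
// command string that /bin/sh would tokenize and interpret.
func unsafeGitRm(file string) *exec.Cmd {
	return exec.Command("sh", "-c", "git rm "+file)
}

// safeGitRm (hypothetical helper) passes the name as its own argv element,
// so no shell ever sees it. The "--" is an assumption added here: it ends
// option parsing, so a name such as "-rf" is treated as a path.
func safeGitRm(file string) *exec.Cmd {
	return exec.Command("git", "rm", "--", file)
}

// isSingleArg reports whether file reaches the child process as exactly one
// argv element placed directly after "--".
func isSingleArg(cmd *exec.Cmd, file string) bool {
	n := len(cmd.Args)
	return n >= 2 && cmd.Args[n-2] == "--" && cmd.Args[n-1] == file
}

func main() {
	// Only the argv that would be handed to the OS is printed; nothing runs.
	for _, name := range hostileNames {
		fmt.Printf("name   %q\n", name)
		fmt.Printf("  sh   %q\n", unsafeGitRm(name).Args)
		safe := safeGitRm(name)
		fmt.Printf("  argv %q single=%v\n", safe.Args, isSingleArg(safe, name))
	}
}
```

gosec G204 fires on any non-constant argument to `exec.Command`, so a check like `isSingleArg` in a test is what backs up a `#nosec G204` annotation.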