Skip to content

Commit ba83f58

Browse files
committed
Switch to gosec's native #nosec form for consistency
Match the existing #nosec G404 suppression in client.go:604 — narrower than nolint:gosec (per-rule rather than disabling the whole linter on the line) and consistent with the only other gosec suppression in the repo. Same effect against G124; verified with golangci-lint v2.12.0.
1 parent d6ad4a2 commit ba83f58

1 file changed

Lines changed: 1 addition & 1 deletion

File tree

go/pkg/fizzy/auth_strategy.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,6 @@ func (c *CookieAuth) Authenticate(ctx context.Context, req *http.Request) error
4848
// Secure/HttpOnly/SameSite are Set-Cookie response attributes and are not
4949
// written into outgoing Cookie request headers. Setting them here would be
5050
// dead code, so suppress G124 instead.
51-
req.AddCookie(&http.Cookie{Name: "session_token", Value: token}) //nolint:gosec // G124 false positive: outgoing request cookie
51+
req.AddCookie(&http.Cookie{Name: "session_token", Value: token}) // #nosec G124 -- false positive: outgoing request cookie only sends name=value
5252
return nil
5353
}

0 commit comments

Comments
 (0)