From 6043e9b8795b55bee9d27b494c1b62bc7afda0e5 Mon Sep 17 00:00:00 2001 From: clawbot Date: Fri, 20 Feb 2026 02:06:31 -0800 Subject: [PATCH] fix: suppress gosec false positives for trusted URL construction Add nolint:gosec annotations for: - Client.Do calls using URLs built from trusted BaseURL + hardcoded paths - Test helper HTTP calls using test server URLs - Safe integer-to-rune conversion in bounded loop (0-19) --- cmd/chat-cli/api/client.go | 4 ++-- internal/handlers/api_test.go | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/cmd/chat-cli/api/client.go b/cmd/chat-cli/api/client.go index 1a891aa..e55dee8 100644 --- a/cmd/chat-cli/api/client.go +++ b/cmd/chat-cli/api/client.go @@ -125,7 +125,7 @@ func (c *Client) PollMessages( req.Header.Set("Authorization", "Bearer "+c.Token) - resp, err := client.Do(req) + resp, err := client.Do(req) //nolint:gosec // URL built from trusted BaseURL + hardcoded path if err != nil { return nil, err } @@ -272,7 +272,7 @@ func (c *Client) do( ) } - resp, err := c.HTTPClient.Do(req) + resp, err := c.HTTPClient.Do(req) //nolint:gosec // URL built from trusted BaseURL + hardcoded path if err != nil { return nil, fmt.Errorf("http: %w", err) } diff --git a/internal/handlers/api_test.go b/internal/handlers/api_test.go index 8cdbab3..964a9f5 100644 --- a/internal/handlers/api_test.go +++ b/internal/handlers/api_test.go @@ -158,7 +158,7 @@ func (ts *testServer) doReq( req.Header.Set("Content-Type", "application/json") } - return http.DefaultClient.Do(req) + return http.DefaultClient.Do(req) //nolint:gosec // test server URL } func (ts *testServer) doReqAuth( @@ -181,7 +181,7 @@ func (ts *testServer) doReqAuth( req.Header.Set("Authorization", "Bearer "+token) } - return http.DefaultClient.Do(req) + return http.DefaultClient.Do(req) //nolint:gosec // test server URL } func (ts *testServer) createSession(nick string) string { @@ -984,7 +984,7 @@ func TestConcurrentSessions(t *testing.T) { go func(i int) { defer wg.Done() - nick := "concurrent_" + string(rune('a'+i)) + nick := "concurrent_" + string(rune('a'+i)) //nolint:gosec // i is 0-19, safe range body, err := json.Marshal(map[string]string{"nick": nick}) if err != nil {