Skip to content

fix: exclude gosec G117 for golangci-lint > 2.9#898

Open
glennpratt wants to merge 2 commits intolinode:mainfrom
glennpratt:gpratt/fix-golangci-lint
Open

fix: exclude gosec G117 for golangci-lint > 2.9#898
glennpratt wants to merge 2 commits intolinode:mainfrom
glennpratt:gpratt/fix-golangci-lint

Conversation

@glennpratt
Copy link

New regression with golangci-lint 2.10 which is automatically used because tests target latest.

Copilot AI review requested due to automatic review settings February 19, 2026 01:05
@glennpratt glennpratt requested a review from a team as a code owner February 19, 2026 01:05
@glennpratt glennpratt requested review from vshanthe and yec-akamai and removed request for a team February 19, 2026 01:05
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses a regression introduced by golangci-lint 2.10, which is automatically used in CI due to the version: latest configuration. The PR adds an exclusion for gosec rule G117, which detects potential hardcoded credentials by flagging variables and fields containing "secret" in their names. The codebase has legitimate API response fields like OAuthClient.Secret, TwoFactorSecret.Secret, and ObjectStorageKey.SecretKey that trigger false positives for this rule.

Changes:

  • Adds exclusion rule in .golangci.yml to suppress gosec G117 warnings

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated no new comments.


💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant

Comments