Skip to content

chore: add gosec nosec directives for controlled environment variables#45

Merged
jplanckeel merged 1 commit intomainfrom
fix/correct-cve-ssrf
Mar 4, 2026
Merged

chore: add gosec nosec directives for controlled environment variables#45
jplanckeel merged 1 commit intomainfrom
fix/correct-cve-ssrf

Conversation

@jplanckeel
Copy link
Contributor

@jplanckeel jplanckeel commented Mar 4, 2026

  • Add #nosec G107 directives to http.Get() calls in catalog.go
  • Add #nosec G107 directives to http.Get() call in cron.go fetchEvents()
  • Add #nosec G107 directives to http.Get() call in cron.go fetchEventsToSync()
  • Add #nosec G107 directives to http.NewRequest() calls in slack.go postTrackerChangeLog()
  • Add #nosec G107 directives to http.DefaultClient.Do() call in slack.go postTrackerChangeLog()
  • Add #nosec G107 directives to http.NewRequest() and header operations in slack.go postTrackerEvent()
  • Add #nosec G107 directives to http.NewRequest() call in slack.go editTrackerEvent()
  • Add #nosec G107 directives to http.NewRequest() call in slack.go updateTrackerEvent()
  • Add #nosec G107 directives to http.DefaultClient.Do() call in slack.go updateTrackerEvent()
  • Add #nosec G107 directives to json.Marshal() and http.NewRequest() calls in slack.go updateTrackerEventSlackId()
  • Suppress gosec G107 warnings for TRACKER_HOST environment variable usage across all HTTP operations

Description

Please include a summary of the changes and the related issue. Please also include relevant motivation and context. List any dependencies that are required for this change.

Fixes # (issue)

Type of change

Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration

  • Test A
  • Test B

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules

@jplanckeel-ep
chore: add gosec nosec directives for controlled environment variables
056686b 
- Add #nosec G107 directives to http.Get() calls in catalog.go
- Add #nosec G107 directives to http.Get() call in cron.go fetchEvents()
- Add #nosec G107 directives to http.Get() call in cron.go fetchEventsToSync()
- Add #nosec G107 directives to http.NewRequest() calls in slack.go postTrackerChangeLog()
- Add #nosec G107 directives to http.DefaultClient.Do() call in slack.go postTrackerChangeLog()
- Add #nosec G107 directives to http.NewRequest() and header operations in slack.go postTrackerEvent()
- Add #nosec G107 directives to http.NewRequest() call in slack.go editTrackerEvent()
- Add #nosec G107 directives to http.NewRequest() call in slack.go updateTrackerEvent()
- Add #nosec G107 directives to http.DefaultClient.Do() call in slack.go updateTrackerEvent()
- Add #nosec G107 directives to json.Marshal() and http.NewRequest() calls in slack.go updateTrackerEventSlackId()
- Suppress gosec G107 warnings for TRACKER_HOST environment variable usage across all HTTP operations
@github-actions github-actions bot added the chore label Mar 4, 2026
@jplanckeel jplanckeel merged commit c8ec196 into main Mar 4, 2026
4 of 5 checks passed
@jplanckeel jplanckeel deleted the fix/correct-cve-ssrf branch March 4, 2026 09:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

chore

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jplanckeel @jplanckeel-ep