From 235eca9217be6809c1614132d87f2ed0a63b24c2 Mon Sep 17 00:00:00 2001 From: Alvar Penning Date: Wed, 18 Feb 2026 10:55:45 +0100 Subject: [PATCH] icingadb-migrate: Address golangci-lint gosec reports The latest gosec release brought some new false positives reported in the icingadb-migrate command. --- cmd/icingadb-migrate/convert.go | 2 +- cmd/icingadb-migrate/main.go | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/cmd/icingadb-migrate/convert.go b/cmd/icingadb-migrate/convert.go index 8a9a618d..246651bf 100644 --- a/cmd/icingadb-migrate/convert.go +++ b/cmd/icingadb-migrate/convert.go @@ -289,7 +289,7 @@ func convertDowntimeRows( // with factor 1,000 should not overflow anything. In theory, at least. To make sure, invalid values are capped. var flexibleDuration uint64 if durationSec := row.Duration; durationSec >= 0 && durationSec < math.MaxUint64/1_000 { - flexibleDuration = uint64(durationSec) * 1_000 + flexibleDuration = uint64(durationSec) * 1_000 // #nosec G115 -- int64 -> uint64 cannot overflow, check above } downtimeHistory = append(downtimeHistory, &history.DowntimeHistory{ diff --git a/cmd/icingadb-migrate/main.go b/cmd/icingadb-migrate/main.go index 09b225d5..9eb775e3 100644 --- a/cmd/icingadb-migrate/main.go +++ b/cmd/icingadb-migrate/main.go @@ -129,6 +129,8 @@ func parseConfig(f *Flags) (_ *Config, exit int) { } if err := yaml.NewDecoder(cf, yaml.DisallowUnknownField()).Decode(c); err != nil { + // #nosec G705 -- this error message should do no harm in the output, being printed to stderr + // on a terminal and not used as an HTML page or the like _, _ = fmt.Fprintf(os.Stderr, "can't parse config file: %s\n", err.Error()) return nil, 2 }