From ef8aec77a97c2a07abd696fa0456ef17e56fb549 Mon Sep 17 00:00:00 2001 From: Will Norris Date: Sat, 22 Jan 2022 10:29:05 -0800 Subject: [PATCH] lint: explain hash alg exclusion better --- .golangci.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index d8c4f69..fb41023 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -13,12 +13,12 @@ linters: issues: exclude-rules: - # Some cache implementations use md5 hashes for cached filenames. There is + # Some cache implementations use md5 hashes for cached filenames. There is # a slight risk of cache poisoning if an attacker could construct a URL - # with the same hash, but it would also need to be allowed by the proxies - # security settings. Changing these to a more secure hash algorithm would - # result in 100% cache misses when users upgrade. For now, just leave these - # alone. + # with the same hash, but the URL would also need to be allowed by the + # proxy's security settings (host allowlist, URL signature, etc). Changing + # these to a more secure hash algorithm would result in 100% cache misses + # when users upgrade. For now, just leave these alone. - path: internal/.*cache linters: gosec text: G(401|501)