Closed rmulley closed 5 years ago
I am surprised that there is no way to ignore false positives, and I am astounded that this issue is unresolved after two years. I was going to integrate safesql into my CI process, but could not because it flagged safe queries as false positives and gave me no way to ignore them.
Hey @rmulley, @ian-axelrod, I have just merged the ability to ignore false positives by adding the following comment:
//nolint:safesql
I propose adding functionality to allow the programmer to override the analysis done by SafeSQL to help avoid false positives. Specifically, I have an offending line such as:
That is actually safe, I'd like to be able to provide a comment right above the line that tells SafeSQL to ignore the error. Perhaps something similar to the build-tag syntax such as: