From d10fc19d3accc7ba786a7776692fe5875d2ed0ee Mon Sep 17 00:00:00 2001
From: Theofanis Petkos <thepetk@gmail.com>
Date: Thu, 4 Apr 2024 14:23:39 +0100
Subject: [PATCH] Bring back comment for nosec (#231)

Signed-off-by: thepetk <thepetk@gmail.com>
---
 registry-library/library/util.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/registry-library/library/util.go b/registry-library/library/util.go
index 7fcc8dcd6..d4b3b049a 100644
--- a/registry-library/library/util.go
+++ b/registry-library/library/util.go
@@ -122,6 +122,7 @@ func decompress(targetDir string, tarFile string, excludeFiles []string) error {
 				return returnedErr
 			}
 		case tar.TypeReg:
+			/* #nosec G304 -- target is produced using path.Join which cleans the dir path */
 			w, err := os.OpenFile(target, os.O_CREATE|os.O_RDWR, os.FileMode(header.Mode))
 			if err != nil {
 				returnedErr = multierror.Append(returnedErr, err)
@@ -194,7 +195,7 @@ func getHTTPClient(options RegistryOptions) *http.Client {
 
 // Cleans a child path to ensure that there is no escaping from the parent directory with the use of ../ escape methods
 // Ensures that the child path is always contained and absolutely pathed from the parent
-func CleanFilepath(parent string, child string)string{
+func CleanFilepath(parent string, child string) string {
 	target := path.Join(parent, filepath.Clean("/"+child))
 	return target
 }