Fix linter errors.

[ggreer]

Summary by CodeRabbit

• Tests
  • Added a security-suppression annotation for mock/test data to avoid false-positive scans.
  • Simplified test response writing to reduce formatting noise and improve test clarity and reliability.

[coderabbitai]

📝 Walkthrough

Walkthrough

Added a Gosec suppression comment at the top of test/mocks/github.go and consolidated a multi-line response write in getRepositoryCollaborator into a single Write call; no exported APIs were changed.

Changes

Cohort / File(s)	Summary
Test mock adjustments test/mocks/github.go	Inserted a // nolint:gosec suppression comment and replaced a multi-line response write with a single Write call for the same mock response content.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 I nibble code with tidy paws,
I hush the linter’s needless laws,
One write, one note — mock tests are neat,
A tiny hop, a tidy feat. 🥕

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The title 'Fix linter errors' is vague and generic, lacking specific details about which linter errors were fixed or what changes were made.	Use a more specific title that describes the actual changes, such as 'Add Gosec suppression comment and refactor getRepositoryCollaborator write call' or 'Suppress XSS checks in test mocks and consolidate response write'.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch ggreer/fix-lint

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Claude finished @ggreer's task in 1m 0s —— View job

---

PR Review

• Gather context and read changed files
• Review PR changes
• Post review feedback

---

This PR adds //nolint:gosec directives to four w.Write() calls in test/mocks/github.go to silence gosec warnings about unvalidated data written to HTTP responses. One call is also reformatted from multi-line to single-line for consistency.

Overall: LGTM. The changes are minimal, targeted, and correct.

What's being suppressed

gosec flags writes to http.ResponseWriter with data from potentially uncontrolled sources as a possible XSS vector. In this context — a test mock server — the concern is entirely theoretical. The data comes from in-memory test fixtures marshaled to JSON, not from any real user input.

Format compliance

The nolintlint config in .golangci.yml enforces both require-explanation: true and require-specific: true. All four new directives satisfy both requirements:

• Specific: //nolint:gosec (not a blanket //nolint)
• Explanation provided: // We don't care about XSS in mock data for tests.

Alternative considered

A global gosec exclusion for test files in .golangci.yml would be cleaner, but that file is managed by baton-admin (DO NOT EDIT header). Per-line nolint directives are the right approach here.

Minor observation

The reformatting in getRepositoryCollaborator (test/mocks/github.go:454-456) consolidates a three-line w.Write() call to one line. This is stylistically consistent with the rest of the file and fine.

No issues found.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@test/mocks/github.go`:
- Line 179: Remove the unused //nolint:gosec directives that are attached to
writes of marshaled mock objects (e.g., the calls to
w.Write(mock.MustMarshal(object)) and the equivalent mock.MustMarshal(...)
usages around the same spots); open test/mocks/github.go, locate those
occurrences (the lines with w.Write(mock.MustMarshal(object)) and other
mock.MustMarshal(...) calls that currently have //nolint:gosec) and delete the
trailing //nolint:gosec comments so nolintlint no longer fails the build,
ensuring no other unused //nolint:gosec remains in the file.

---

ℹ️ Review info

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2b5e741 and 6308d21.

📒 Files selected for processing (1)

• test/mocks/github.go

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Remove unused //nolint:gosec directives to unblock CI.

Line 179, Line 418, Line 432, and Line 457 add //nolint:gosec, but those lines have no active gosec finding, so nolintlint fails the build on unused directives.

Proposed fix

-		_, _ = w.Write(mock.MustMarshal(object)) //nolint:gosec // We don't care about XSS in mock data for tests.
+		_, _ = w.Write(mock.MustMarshal(object))
...
-		_, _ = w.Write(mock.MustMarshal(userToMembership(&user))) //nolint:gosec // We don't care about XSS in mock data for tests.
+		_, _ = w.Write(mock.MustMarshal(userToMembership(&user)))
...
-	_, _ = w.Write(mock.MustMarshal(userToMembership(user))) //nolint:gosec // We don't care about XSS in mock data for tests.
+	_, _ = w.Write(mock.MustMarshal(userToMembership(user)))
...
-	_, _ = w.Write(mock.MustMarshal(user)) //nolint:gosec // We don't care about XSS in mock data for tests.
+	_, _ = w.Write(mock.MustMarshal(user))

Also applies to: 418-418, 432-432, 457-457

🧰 Tools

🪛 golangci-lint (2.5.0)

[error] 179-179: directive //nolint:gosec // We don't care about XSS in mock data for tests. is unused for linter "gosec"

(nolintlint)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@test/mocks/github.go` at line 179, Remove the unused //nolint:gosec
directives that are attached to writes of marshaled mock objects (e.g., the
calls to w.Write(mock.MustMarshal(object)) and the equivalent
mock.MustMarshal(...) usages around the same spots); open test/mocks/github.go,
locate those occurrences (the lines with w.Write(mock.MustMarshal(object)) and
other mock.MustMarshal(...) calls that currently have //nolint:gosec) and delete
the trailing //nolint:gosec comments so nolintlint no longer fails the build,
ensuring no other unused //nolint:gosec remains in the file.

[github-actions]

Claude encountered an error —— View job

---

PR Review

• Gather context and read changed files
• Review PR changes
• Post review feedback

---

This PR was updated to address CodeRabbit's concern: the initial commit had per-line //nolint:gosec directives that nolintlint flagged as unused (since gosec didn't actually fire on those individual lines). The fix moves to a file-level directive.

Changes

test/mocks/github.go:

1. File-level nolint added (line 1): //nolint:gosec // We don't care about XSS in mock data for tests.
   This is the right approach. File-level directives placed before the package declaration apply to the whole file and are not checked by nolintlint for "unused" status, avoiding the failure that per-line directives triggered. Both require-specific and require-explanation are satisfied.

2. Formatting (line 458): Consolidates a 3-line w.Write() call to one line. No functional change.

Assessment

LGTM. The approach is correct:

• Per-line //nolint:gosec directives fail when nolintlint detects no actual gosec finding on that line
• File-level suppression is the idiomatic solution when gosec reports false positives throughout an entire file (common for test mock HTTP handlers)
• The explanation is clear and accurate

The .golangci.yml nolintlint config (require-explanation: true, require-specific: true) is fully satisfied. No issues.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@test/mocks/github.go`:
- Line 1: Remove the unused file-level directive "//nolint:gosec" from
test/mocks/github.go; do not add or move it elsewhere—simply delete that comment
so nolintlint no longer reports an unused directive and CI can pass.

---

ℹ️ Review info

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6308d21 and 834e7a6.

📒 Files selected for processing (1)

• test/mocks/github.go

[coderabbitai]

⚠️ Potential issue | 🟠 Major

File-level //nolint:gosec directive is still unused and will fail CI.

The nolintlint linter reports this directive is unused because gosec doesn't flag any issues in this file. The original problem wasn't that gosec was raising false positives—it was that the //nolint:gosec comments had no findings to suppress.

The fix is to simply remove the directive entirely rather than moving it to file level.

Proposed fix

-//nolint:gosec // We don't care about XSS in mock data for tests.
 package mocks

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	//nolint:gosec // We don't care about XSS in mock data for tests.
	package mocks

🧰 Tools

🪛 golangci-lint (2.5.0)

[error] 1-1: directive //nolint:gosec // We don't care about XSS in mock data for tests. is unused for linter "gosec"

(nolintlint)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@test/mocks/github.go` at line 1, Remove the unused file-level directive
"//nolint:gosec" from test/mocks/github.go; do not add or move it
elsewhere—simply delete that comment so nolintlint no longer reports an unused
directive and CI can pass.

false positive on stale code