gsadmin/certctl
1
0
Fork 0
mirror of https://github.com/shankar0123/certctl.git synced 2026-06-12 20:48:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(cert-export): satisfy staticcheck ST1022 on PKCS12CipherModernAES256

Browse Source 
Production hardening II Phase 11 verification — golangci-lint v2.11.4
flagged the const PKCS12CipherModernAES256 doc comment with ST1022
(comments on exported identifiers should start with the identifier
name). Reformatted to lead with the const name; same content.

Reproduced clean: 0 issues across handler/, service/,
connector/issuer/local/, api/router/, ratelimit/.
This commit is contained in:
shankar0123
2026-04-30 05:22:10 +00:00
parent 67593604f1
commit 8891d5f456
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/service/export_audit_actions.go
+5 -5
View File
@@ -50,11 +50,11 @@ const (
AuditActionCertExportFailed = "cert_export_failed" AuditActionCertExportFailed = "cert_export_failed"
) )
// Cipher identifier emitted in the PKCS#12 export audit detail. // PKCS12CipherModernAES256 is the cipher identifier emitted in the
// Pinned here so a future dependency upgrade that silently changes // PKCS#12 export audit detail. Pinned here so a future dependency
// the underlying go-pkcs12 default is caught by the audit drift // upgrade that silently changes the underlying go-pkcs12 default is
// review (operator notices the value diverging from what's // caught by the audit drift review (operator notices the value
// advertised in docs/security.md). // diverging from what's advertised in docs/crl-ocsp.md).
// //
// pkcs12.Modern (the SSLMate library) produces AES-256-CBC PBE2 // pkcs12.Modern (the SSLMate library) produces AES-256-CBC PBE2
// with SHA-256 KDF. Documented in github.com/SSLMate/go-pkcs12 v0.7+. // with SHA-256 KDF. Documented in github.com/SSLMate/go-pkcs12 v0.7+.