From 3b10d376973ea8add4d98d459c88af38b5a12faf Mon Sep 17 00:00:00 2001
From: UnseenWizzard
Date: Tue, 20 Dec 2022 16:37:42 +0100
Subject: [PATCH] chore(rest): Ignore semgrep warning about directly writing to http response in test util

Semgrep rule go.lang.security.audit.xss.no-direct-write-to-responsewriter.no-direct-write-to-responsewriter warn about directly writing random content to a http repsonse without HTML escaped templating. As this case is a test util used to supply test with defined responses loaded from json test resources, the warning is marked ignored.
---
 pkg/rest/test_utils.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/rest/test_utils.go b/pkg/rest/test_utils.go
index 7d3f59db6..0e604464b 100644
--- a/pkg/rest/test_utils.go
+++ b/pkg/rest/test_utils.go
@@ -90,7 +90,7 @@ func (i integrationTestResources) handler() func(res http.ResponseWriter, req *h
 http.Error(res, "Not found", http.StatusNotFound)
 return
 } else {
- _, err := res.Write(content)
+ _, err := res.Write(content) // nosemgrep: go.lang.security.audit.xss.no-direct-write-to-responsewriter.no-direct-write-to-responsewriter
 if err != nil {
 http.Error(res, err.Error(), http.StatusInternalServerError)
 }
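Review bot: The `// nosemgrep` added on the `res.Write(content)` line silences the XSS rule without pinning down the property that makes the write safe. No Content-Type is set in the visible lines, so net/http would sniff the type from the body and an HTML-looking fixture would be served as `text/html`. Since the commit message says the content is JSON test resources, adding `res.Header().Set("Content-Type", "application/json")` before the write would make that assumption hold by construction, unless the header is already set above the hunk, which is not visible here. The file is named `test_utils.go` rather than `*_test.go`, so it appears to be compiled into the regular package build; a reason on the suppression itself, e.g. `// nosemgrep: <rule-id> -- serves fixed JSON fixtures to tests only`, would keep the exemption reviewable. The handler body starts and ends outside the hunk.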