use "#nosec" instead of "nolint:gosec" to be more specific

The `#nosec` comment allows ignoring a specific rule; this prevents
potentially other "gosec" linting failulres from being silently ignored.

Signed-off-by: Sebastiaan van Stijn <[email protected]>

Author: thaJeztah

build/replicatedstream_test.go

@@ -43,7 +43,7 @@ func TestSyncMultiReaderParallel(t *testing.T) {
 			buf := make([]byte, bufferSize)
 			for totalRead < len(data) {
 				// Simulate random read sizes
-				readSize := mathrand.Intn(bufferSize) //nolint:gosec
+				readSize := mathrand.Intn(bufferSize) // #nosec G404 -- ignore "Use of weak random number generator (math/rand instead of crypto/rand)"
 				n, err := reader.Read(buf[:readSize])
 
 				if n > 0 {
@@ -58,14 +58,15 @@ func TestSyncMultiReaderParallel(t *testing.T) {
 
 				assert.NoError(t, err, "Reader %d error", readerId)
 
-				if mathrand.Intn(1000) == 0 { //nolint:gosec
+				// #nosec G404 -- ignore "Use of weak random number generator (math/rand instead of crypto/rand)"
+				if mathrand.Intn(1000) == 0 {
 					t.Logf("Reader %d closing", readerId)
 					// Simulate random close
 					return
 				}
 
 				// Simulate random timing between reads
-				time.Sleep(time.Millisecond * time.Duration(mathrand.Intn(5))) //nolint:gosec
+				time.Sleep(time.Millisecond * time.Duration(mathrand.Intn(5))) // #nosec G404 -- ignore "Use of weak random number generator (math/rand instead of crypto/rand)"
 			}
 
 			assert.Equal(t, len(data), totalRead, "Reader %d total read mismatch", readerId)

driver/kubernetes/podchooser/podchooser.go

@@ -37,7 +37,7 @@ func (pc *RandomPodChooser) ChoosePod(ctx context.Context) (*corev1.Pod, error)
 	if randSource == nil {
 		randSource = rand.NewSource(time.Now().Unix())
 	}
-	rnd := rand.New(randSource) //nolint:gosec // no strong seeding required
+	rnd := rand.New(randSource) // #nosec G404 -- no strong seeding required
 	n := rnd.Int() % len(pods)
 	logrus.Debugf("RandomPodChooser.ChoosePod(): len(pods)=%d, n=%d", len(pods), n)
 	return pods[n], nil