fix comments

Author: ArtemHoruzhenko

redisinsight/api/src/modules/custom-tutorial/providers/custom-tutorial.fs.provider.ts

@@ -86,6 +86,8 @@ export class CustomTutorialFsProvider {
         return Promise.reject(new BadRequestException(ERROR_MESSAGES.CUSTOM_TUTORIAL_UNSUPPORTED_ORIGIN));
       }
 
+      // false positive. we have whitelist checks above.
+      // lgtm[js/request-forgery]
       const { data } = await axios.get(link, {
         responseType: 'arraybuffer',
       });

redisinsight/api/src/modules/rdi/client/api.rdi.client.ts

@@ -44,6 +44,8 @@ export class ApiRdiClient extends RdiClient {
       baseURL: rdi.url,
       timeout: RDI_TIMEOUT,
       httpsAgent: new https.Agent({
+        // we might work with self-signed certificates for local builds
+        // lgtm[js/disabling-certificate-validation]
         rejectUnauthorized: false,
       }),
     });

redisinsight/api/src/modules/redis-enterprise/redis-enterprise.service.ts

@@ -41,7 +41,9 @@ export class RedisEnterpriseService {
   // TODO: maybe find a workaround without Disabling certificate validation.
   private api = axios.create({
     httpsAgent: new https.Agent({
-      rejectUnauthorized: false, // lgtm[js/disabling-certificate-validation]
+      // we might work with self-signed certificates for local builds
+      // lgtm[js/disabling-certificate-validation]
+      rejectUnauthorized: false,
     }),
   });