From b9f1ccbdf126e1981b0850e6769fe75c7094d101 Mon Sep 17 00:00:00 2001
From: Juan Abia <jabia@redhat.com>
Date: Wed, 1 Dec 2021 12:20:15 +0100
Subject: [PATCH] gosec: G505, G401 - crypto/sha1 module

Disabling G505 and G401 gosec rules on specific lines on
internal/storage/storage.go to be able to use sha1 algorithm.
---
 internal/store/store.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/internal/store/store.go b/internal/store/store.go
index bdb3803f5..103e4ae8f 100644
--- a/internal/store/store.go
+++ b/internal/store/store.go
@@ -4,6 +4,8 @@ package store
 
 import (
 	"crypto/rand"
+	// The use of SHA1 is valid here
+	/* #nosec G505 */
 	"crypto/sha1"
 	"encoding/hex"
 	"errors"
@@ -90,6 +92,8 @@ func New(stateDir *string, arch distro.Arch, log *log.Logger) *Store {
 }
 
 func randomSHA1String() (string, error) {
+	// The use of SHA1 is accepted here
+	/* #nosec G401 */
 	hash := sha1.New()
 	data := make([]byte, 20)
 	n, err := rand.Read(data)