From c63cfc11e2fea485458b8d4e2334717c6ddbf925 Mon Sep 17 00:00:00 2001
From: Leonor Oliveira <9090754+leonorfmartins@users.noreply.github.com>
Date: Mon, 7 Apr 2025 11:52:09 +0200
Subject: [PATCH] [Chore] Mark CodeQL warning as safe (#101365)

* Mark CodeQL warning as safe

* Temporarily ignore file
---
 .github/workflows/codeql-analysis.yml   |  1 +
 pkg/storage/unified/sql/db/dbimpl/db.go | 12 ++++++++----
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index bfd38be8eec..d65cc42baf2 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -15,6 +15,7 @@ on:
       - '**/*.md'
       - '**/*.txt'
       - '**/*.yml'
+      - pkg/storage/unified/sql/db/dbimpl/db.go # Ignoring warnings on the whole file for now while inline comments is not supported in Go (https://github.com/github/codeql/issues/11427)
   schedule:
     - cron: '0 4 * * 6'
 
diff --git a/pkg/storage/unified/sql/db/dbimpl/db.go b/pkg/storage/unified/sql/db/dbimpl/db.go
index 4e422dab79f..262b03334aa 100644
--- a/pkg/storage/unified/sql/db/dbimpl/db.go
+++ b/pkg/storage/unified/sql/db/dbimpl/db.go
@@ -48,10 +48,14 @@ type sqlTx struct {
 	*sql.Tx
 }
 
-func (d sqlTx) QueryContext(ctx context.Context, query string, args ...any) (db.Rows, error) {
-	return d.Tx.QueryContext(ctx, query, args...)
+func (tx sqlTx) QueryContext(ctx context.Context, query string, args ...any) (db.Rows, error) {
+	// // codeql-suppress go/sql-query-built-from-user-controlled-sources "The query comes from a safe template source
+	// and the parameters are passed as arguments."
+	return tx.Tx.QueryContext(ctx, query, args...)
 }
 
-func (d sqlTx) QueryRowContext(ctx context.Context, query string, args ...any) db.Row {
-	return d.Tx.QueryRowContext(ctx, query, args...)
+func (tx sqlTx) QueryRowContext(ctx context.Context, query string, args ...any) db.Row {
+	// // codeql-suppress go/sql-query-built-from-user-controlled-sources "The query comes from a safe template source
+	// and the parameters are passed as arguments."
+	return tx.Tx.QueryRowContext(ctx, query, args...)
 }