From 5782072f913a58ffebd730643a92433cbd0f77b5 Mon Sep 17 00:00:00 2001
From: d3m0k1d <d3m0k1d1337@gmail.com>
Date: Thu, 19 Feb 2026 11:14:45 +0300
Subject: [PATCH] fix: ci one more time

---
 internal/blocker/nftables.go | 3 ++-
 internal/blocker/ufw.go      | 4 ++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/internal/blocker/nftables.go b/internal/blocker/nftables.go
index 937633a..ff8c733 100644
--- a/internal/blocker/nftables.go
+++ b/internal/blocker/nftables.go
@@ -113,6 +113,7 @@ func (n *Nftables) Setup(config string) error {
 	}
 }
 `
+	// #nosec G204 - config is managed by adminstartor
 	cmd := exec.Command("tee", config)
 	stdin, err := cmd.StdinPipe()
 	if err != nil {
@@ -135,7 +136,7 @@ func (n *Nftables) Setup(config string) error {
 	if err = cmd.Wait(); err != nil {
 		return fmt.Errorf("failed to save config: %w", err)
 	}
-
+	// #nosec G204 - config is managed by adminstartor
 	cmd = exec.Command("nft", "-f", config)
 	output, err := cmd.CombinedOutput()
 	if err != nil {
diff --git a/internal/blocker/ufw.go b/internal/blocker/ufw.go
index a8739fc..2def949 100644
--- a/internal/blocker/ufw.go
+++ b/internal/blocker/ufw.go
@@ -23,7 +23,7 @@ func (u *Ufw) Ban(ip string) error {
 	if err != nil {
 		return err
 	}
-
+	// #nosec G204 - ip is validated
 	cmd := exec.Command("ufw", "--force", "deny", "from", ip)
 	output, err := cmd.CombinedOutput()
 	if err != nil {
@@ -42,7 +42,7 @@ func (u *Ufw) Unban(ip string) error {
 	if err != nil {
 		return err
 	}
-
+	// #nosec G204 - ip is validated
 	cmd := exec.Command("ufw", "--force", "delete", "deny", "from", ip)
 	output, err := cmd.CombinedOutput()
 	if err != nil {