Copilot AI commented Jan 28, 2026

Each excluded gosec rule now links directly to its documentation, eliminating the need to search the gosec repository manually.

Changes

  • General reference section: Added gosec repository and rules reference links at top of Overview section
  • Per-rule documentation links: Added documentation URL with rule description for all 11 excluded rules (G101, G115, G602, G204, G404, G306, G305, G110, G301, G302, G304)

Example

```markdown
### G101: Hardcoded Credentials
- **CWE**: CWE-798 (Use of Hard-coded Credentials)
- **Documentation**: https://github.com/securego/gosec#available-rules (G101 - Look for hardcoded credentials)
- **Rationale**: High false positive rate on variable names containing terms like `token`, `secret`, `password`, `key`, etc.
```

All excluded rules from .golangci.yml now have corresponding documentation links in the specs file.

Original prompt

This section details the original issue you should resolve

<issue_title>[plan] Add gosec rule documentation links to specs/gosec.md</issue_title>
<issue_description>## Objective

Enhance specs/gosec.md with direct links to gosec rule documentation for each excluded rule.

Context

From discussion #12003: Make it easier for developers to understand security rules by adding documentation links for each excluded rule.

Approach

  1. Review current exclusions in specs/gosec.md
  2. Add documentation links for each rule:

```markdown
### G101: Hardcoded Credentials
**CWE-798**: Use of Hard-coded Credentials  
**Documentation**: [gosec rule G101](https://github.com/securego/gosec#available-rules)  
**Why Excluded**: False positives in test fixtures and example code
```

  3. Add link to gosec rules reference at top of document
  4. Include examples from codebase where applicable

Files to Modify

  • Update: specs/gosec.md

Acceptance Criteria

  • All excluded rules have documentation links
  • Links are valid and point to correct rule docs
  • General gosec documentation link added at top
  • Examples provided for context

Priority

LOW - Documentation improvement

Estimated Effort

30-45 minutes

AI generated by Plan Command for discussion #12003

Comments on the Issue (you are @copilot in this section)



Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@github-actions

🔍 PR Triage Results

Category: feature | Risk: high | Priority: 47/100

Scores Breakdown

  • Impact: 35/50 - Documentation improvement with good impact
  • Urgency: 7/30 - Standard feature development timeline
  • Quality: 5/20 - Draft PR with basic description

📋 Recommended Action: batch_review

This PR is part of batch-feature-high (6 PRs) - high-risk feature additions requiring careful review. Should be reviewed in priority order with attention to completeness and accuracy.

Note: This is a DRAFT PR - may need author input before final review.

Batch PRs: #12322, #12321, #12320, #12311, #12130, #12085


Triaged by PR Triage Agent on 2026-01-28T18:16:26Z

AI generated by PR Triage Agent

@pelikhan pelikhan marked this pull request as ready for review January 28, 2026 19:12
@pelikhan pelikhan merged commit 6968376 into main Jan 28, 2026
@pelikhan pelikhan deleted the copilot/add-gosec-documentation-links branch January 28, 2026 19:12