add ignore comment for fixinator false positive

justincarter · justincarter · commit acaa23289d01 · 2026-03-17T11:03:47.000+08:00
diff --git a/packages/types/a0User.cfc b/packages/types/a0User.cfc
@@ -16,6 +16,7 @@
 
 		<cfquery datasource="#application.dsn#" name="qUser">
 			select	*
+			<!--- ignore:sqlinjection - #application.dbowner# is not vulnerable to SQL injection because it is already validated --->
 			from	#application.dbowner#a0User
 			where	lower(userid)=<cfqueryparam cfsqltype="cf_sql_varchar" value="#lcase(arguments.userid)#" />
 		</cfquery>
