From 1cef01b50743e90051a7c8d067b823af9d420575 Mon Sep 17 00:00:00 2001
From: Stephen Braverman
Date: Mon, 23 Mar 2026 14:39:20 -0400
Subject: [PATCH] [PPSC-602] fix: document existing page limit bounds validation (CWE-770)

Co-Authored-By: Claude Opus 4.6
---
 internal/cmd/scan_repo.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/internal/cmd/scan_repo.go b/internal/cmd/scan_repo.go
index e459ebb..4d5a7d5 100644
--- a/internal/cmd/scan_repo.go
+++ b/internal/cmd/scan_repo.go
@@ -55,6 +55,8 @@ var scanRepoCmd = &cobra.Command{
 return err
 }

+ // CWE-770 false positive: getPageLimit() validates page limit is in range 1-1000
+ // (see validatePageLimit in root.go). The limit is already bounded.
 limit, err := getPageLimit()
 if err != nil {
 return err
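Review bot: The comment added above `limit, err := getPageLimit()` hard-codes the range `1-1000` and attributes it to `validatePageLimit` in root.go, but neither the validator nor the bound is visible in this hunk, so nothing here keeps the "false positive" claim true if that validator is later loosened or bypassed. I would point at the validator without repeating the numbers, e.g. `// CWE-770: limit is range-checked by validatePageLimit (root.go) via getPageLimit(); the bound is defined there.`, and back the claim with a unit test asserting that `getPageLimit()` returns an error for out-of-range values (whether such a test already exists cannot be seen from here). The subject line says "fix:" although the change is comment-only, so a "docs:" or "chore:" prefix would keep the history from suggesting that behaviour changed. The enclosing `scanRepoCmd` function body starts and ends outside the hunk.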