Move NOSONAR S5527/S4830 onto the lines Sonar actually blames

Sonar reports S5527 on the ssl.SSLContext(PROTOCOL_TLS_CLIENT)
constructor line and S4830 on the verify_mode = CERT_NONE
assignment, not on the def line of the helper. Place each NOSONAR
on the offending line so the flow-analysis suppression sticks.

Author: JE-Chen

je_auto_control/gui/remote_desktop_tab.py

@@ -119,17 +119,17 @@ def _build_verifying_client_context() -> ssl.SSLContext:
     return ctx
 
 
-def _build_insecure_client_context() -> ssl.SSLContext:  # NOSONAR S4830 S5527
+def _build_insecure_client_context() -> ssl.SSLContext:
     """Opt-in self-signed loopback context — verification intentionally off.
 
     Triggered only when the user ticks 'Skip cert verification' on the
     Viewer panel; meant for self-signed dev / LAN hosts where the user
     has already pinned the host out-of-band (token + 9-digit Host ID).
     """
-    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
+    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # NOSONAR S5527  # opt-in self-signed
     ctx.minimum_version = ssl.TLSVersion.TLSv1_2
     ctx.check_hostname = False
-    ctx.verify_mode = ssl.CERT_NONE
+    ctx.verify_mode = ssl.CERT_NONE  # NOSONAR S4830  # opt-in self-signed
     return ctx
 
 

test/unit_test/headless/test_remote_desktop_tls.py

@@ -88,12 +88,12 @@ def _trusting_client_context(ca_path: Path) -> ssl.SSLContext:
     return ctx
 
 
-def _insecure_client_context() -> ssl.SSLContext:  # NOSONAR S4830 S5527
+def _insecure_client_context() -> ssl.SSLContext:
     """Self-signed loopback test context — verification deliberately off."""
-    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
+    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # NOSONAR S5527  # loopback self-signed test
     ctx.minimum_version = ssl.TLSVersion.TLSv1_2
     ctx.check_hostname = False
-    ctx.verify_mode = ssl.CERT_NONE
+    ctx.verify_mode = ssl.CERT_NONE  # NOSONAR S4830  # loopback self-signed test
     return ctx