1 files changed, 4 insertions, 2 deletions

diff --git a/modules/secret/secret.go b/modules/secret/secret.go
index e70ae1839c..af894a054c 100644
--- a/modules/secret/secret.go
+++ b/modules/secret/secret.go
@@ -16,6 +16,7 @@ import (
 )
 
 // AesEncrypt encrypts text and given key with AES.
+// It is only internally used at the moment to use "SECRET_KEY" for some database values.
 func AesEncrypt(key, text []byte) ([]byte, error) {
 	block, err := aes.NewCipher(key)
 	if err != nil {
@@ -27,12 +28,13 @@ func AesEncrypt(key, text []byte) ([]byte, error) {
 	if _, err = io.ReadFull(rand.Reader, iv); err != nil {
 		return nil, fmt.Errorf("AesEncrypt unable to read IV: %w", err)
 	}
-	cfb := cipher.NewCFBEncrypter(block, iv)
+	cfb := cipher.NewCFBEncrypter(block, iv) //nolint:staticcheck // need to migrate and refactor to a new approach
 	cfb.XORKeyStream(ciphertext[aes.BlockSize:], []byte(b))
 	return ciphertext, nil
 }
 
 // AesDecrypt decrypts text and given key with AES.
+// It is only internally used at the moment to use "SECRET_KEY" for some database values.
 func AesDecrypt(key, text []byte) ([]byte, error) {
 	block, err := aes.NewCipher(key)
 	if err != nil {
@@ -43,7 +45,7 @@ func AesDecrypt(key, text []byte) ([]byte, error) {
 	}
 	iv := text[:aes.BlockSize]
 	text = text[aes.BlockSize:]
-	cfb := cipher.NewCFBDecrypter(block, iv)
+	cfb := cipher.NewCFBDecrypter(block, iv) //nolint:staticcheck // need to migrate and refactor to a new approach
 	cfb.XORKeyStream(text, text)
 	data, err := base64.StdEncoding.DecodeString(string(text))
 	if err != nil {