diff --git a/pkg/yqlib/file_utils.go b/pkg/yqlib/file_utils.go
index cfe8d2c4..00cbdbdc 100644
--- a/pkg/yqlib/file_utils.go
+++ b/pkg/yqlib/file_utils.go
@@ -25,7 +25,10 @@ func safelyRenameFile(from string, to string) {
 
 // thanks https://stackoverflow.com/questions/21060945/simple-way-to-copy-a-file-in-golang
 func copyFileContents(src, dst string) (err error) {
-	in, err := os.Open(src) // nolint gosec
+	// ignore CWE-22 gosec issue - that's more targetted for http based apps that run in a public directory,
+	// and ensuring that it's not possible to give a path to a file outside thar directory.
+
+	in, err := os.Open(src) // #nosec
 	if err != nil {
 		return err
 	}
diff --git a/pkg/yqlib/utils.go b/pkg/yqlib/utils.go
index dd93d248..aee9f5e1 100644
--- a/pkg/yqlib/utils.go
+++ b/pkg/yqlib/utils.go
@@ -13,7 +13,9 @@ func readStream(filename string) (io.Reader, error) {
 	if filename == "-" {
 		return bufio.NewReader(os.Stdin), nil
 	} else {
-		return os.Open(filename) // nolint gosec
+		// ignore CWE-22 gosec issue - that's more targetted for http based apps that run in a public directory,
+		// and ensuring that it's not possible to give a path to a file outside thar directory.
+		return os.Open(filename) // #nosec
 	}
 }
 
diff --git a/test/utils.go b/test/utils.go
index 3cd61385..ab03776a 100644
--- a/test/utils.go
+++ b/test/utils.go
@@ -81,7 +81,9 @@ func WriteTempYamlFile(content string) string {
 }
 
 func ReadTempYamlFile(name string) string {
-	content, _ := ioutil.ReadFile(name)
+	// ignore CWE-22 gosec issue - that's more targetted for http based apps that run in a public directory,
+	// and ensuring that it's not possible to give a path to a file outside thar directory.
+	content, _ := ioutil.ReadFile(name) // #nosec
 	return string(content)
 }