From 52770efb1b8d7ac9938c5dd829eca54af5d122f8 Mon Sep 17 00:00:00 2001
From: cschantz <admin@server.local>
Date: Fri, 9 Jan 2026 18:10:12 -0500
Subject: [PATCH] Fix HARDCODED-PATH false positives

Skip these safe multi-panel patterns:
- Fallback patterns: ${VAR:-/path}
- if/elif path existence checks
- Array definitions with multiple panel paths

These patterns are proper multi-panel implementations.
---
 tools/toolkit-qa-check.sh | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/tools/toolkit-qa-check.sh b/tools/toolkit-qa-check.sh
index bc14f6b..a398ab8 100755
--- a/tools/toolkit-qa-check.sh
+++ b/tools/toolkit-qa-check.sh
@@ -2955,6 +2955,15 @@ while IFS=: read -r file line_num line_content; do
     # Skip comments and variable definitions that are panel-aware
     echo "$line_content" | grep -qE '^\s*#|case.*CONTROL_PANEL' && continue
 
+    # Skip if using fallback pattern ${VAR:-/path} (proper multi-panel pattern)
+    echo "$line_content" | grep -qE '\$\{[A-Z_]+:-/var/cpanel|\$\{[A-Z_]+:-/var/log|\$\{[A-Z_]+:-/home' && continue
+
+    # Skip if/elif/then statements checking paths (multi-panel aware)
+    echo "$line_content" | grep -qE '^\s*(if|elif)\s+\[.*-[def].*\]' && continue
+
+    # Skip array definitions (multi-panel path lists)
+    echo "$line_content" | grep -qE '^\s*[a-zA-Z_]+=\(' && continue
+
     # Extract the hardcoded path
     path=$(echo "$line_content" | grep -oE '(/var/cpanel|/var/log/apache2/domlogs|/home/[^/]*/public_html)' | head -1)