Diffstat (limited to 'oci')
-rw-r--r--oci/oci.go15
1 files changed, 8 insertions, 7 deletions
diff --git a/oci/oci.go b/oci/oci.go
index c64077da76..2021ec3538 100644
--- a/oci/oci.go
+++ b/oci/oci.go
@@ -8,13 +8,14 @@ import (
specs "github.com/opencontainers/runtime-spec/specs-go"
)
-// TODO verify if this regex is correct for "a" (all); the docs (https://github.com/torvalds/linux/blob/v5.10/Documentation/admin-guide/cgroup-v1/devices.rst) describe:
-// "'all' means it applies to all types and all major and minor numbers", and shows an example
-// that *only* passes `a` as value: `echo a > /sys/fs/cgroup/1/devices.allow, which would be
-// the "implicit" equivalent of "a *:* rwm". Source-code also looks to confirm this, and returns
-// early for "a" (all); https://github.com/torvalds/linux/blob/v5.10/security/device_cgroup.c#L614-L642
-//nolint: gosimple
-var deviceCgroupRuleRegex = regexp.MustCompile("^([acb]) ([0-9]+|\\*):([0-9]+|\\*) ([rwm]{1,3})$")
+// TODO verify if this regex is correct for "a" (all);
+//
+// The docs (https://github.com/torvalds/linux/blob/v5.10/Documentation/admin-guide/cgroup-v1/devices.rst) describe:
+// "'all' means it applies to all types and all major and minor numbers", and shows an example
+// that *only* passes `a` as value: `echo a > /sys/fs/cgroup/1/devices.allow, which would be
+// the "implicit" equivalent of "a *:* rwm". Source-code also looks to confirm this, and returns
+// early for "a" (all); https://github.com/torvalds/linux/blob/v5.10/security/device_cgroup.c#L614-L642
+var deviceCgroupRuleRegex = regexp.MustCompile("^([acb]) ([0-9]+|\\*):([0-9]+|\\*) ([rwm]{1,3})$") //nolint: gosimple
// SetCapabilities sets the provided capabilities on the spec
// All capabilities are added if privileged is true.
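Review bot: The pattern on the new `deviceCgroupRuleRegex` line still requires an explicit `major:minor access` part after the type, so the TODO this commit only reflows remains open: a bare `a` is rejected, while a rule such as `a 1:3 r` is accepted even though, by the comment's own reading of the kernel source, type `a` returns early as "all" and the narrower fields may not be honoured. Because this regex appears to gate device-cgroup rules, a rule that looks narrow but is applied broadly deserves either a resolved TODO or an explicit caveat, for example `// NOTE: type "a" passes with explicit major:minor/access, but the kernel may apply it as "a *:* rwm".` As a style point, writing the pattern as a backtick-delimited raw string (with `\*` rather than `\\*`) would likely satisfy gosimple and make the trailing `//nolint: gosimple` unnecessary. The reflowed comment also keeps an unbalanced backtick before `echo a > /sys/fs/cgroup/1/devices.allow`. Where the regex is used is outside this hunk, so the effect on callers should be confirmed there.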