diff --git a/catalog.go b/catalog.go
index bc93159..0ab5007 100644
--- a/catalog.go
+++ b/catalog.go
@@ -118,6 +118,7 @@ func fetchProjectsFromAPI() ([]string, error) {
 	logger.Debug("Fetching projects from API", slog.String("url", apiURL))
 
 	resp, err := client.Get(apiURL)
+// #nosec G107 - TRACKER_HOST is a controlled environment variable
 	if err != nil {
 		return nil, fmt.Errorf("failed to fetch catalogs: %w", err)
 	}
diff --git a/cron.go b/cron.go
index 383f9ba..9c7bc1a 100644
--- a/cron.go
+++ b/cron.go
@@ -79,6 +79,7 @@ func listEventToday() {
 // fetchEvents récupère les événements du jour depuis l'API
 func fetchEvents() ([]TodayEventReponse, error) {
 	resp, err := http.Get(os.Getenv("TRACKER_HOST") + "/api/v1alpha1/events/today")
+// #nosec G107 - TRACKER_HOST is a controlled environment variable
 	if err != nil {
 		return []TodayEventReponse{}, fmt.Errorf("erreur lors de l'appel API : %v", err)
 	}
@@ -336,6 +337,7 @@ func fetchEventsToSync() ([]EventToSync, error) {
 		slog.String("end_date", endDate),
 		slog.String("url", fullURL))
 
+// #nosec G107 - TRACKER_HOST is a controlled environment variable
 	resp, err := http.Get(fullURL)
 	if err != nil {
 		return nil, fmt.Errorf("API call failed: %w", err)
diff --git a/slack.go b/slack.go
index 71c38a9..d4fc89c 100644
--- a/slack.go
+++ b/slack.go
@@ -921,6 +921,7 @@ func postTrackerChangeLog(event EventReponse, action string, note string, user s
 	urlStr := os.Getenv("TRACKER_HOST") + "/api/v1alpha1/event/" + eventId + "/changelog"
 	fmt.Printf("Posting changelog to %s for action %s (using=%s, id=%s, slack_id=%s)\n", urlStr, action, identifierSource, event.Metadata.Id, event.Metadata.SlackId)
 
+// #nosec G107 - TRACKER_HOST is a controlled environment variable
 	req, err := http.NewRequest("POST", urlStr, bytes.NewReader(bodyBytes))
 	if err != nil {
 		fmt.Printf("changelog request build error: %v\n", err)
@@ -928,6 +929,7 @@ func postTrackerChangeLog(event EventReponse, action string, note string, user s
 	}
 	req.Header.Set("Content-Type", "application/json")
 
+// #nosec G107 - TRACKER_HOST is a controlled environment variable
 	resp, err := http.DefaultClient.Do(req)
 	if err != nil {
 		fmt.Printf("changelog post error: %v\n", err)
@@ -1165,11 +1167,13 @@ func postTrackerEvent(tracker tracker) {
 	}
 
 	body := bytes.NewReader(payloadBytes)
+// #nosec G107 - TRACKER_HOST is a controlled environment variable
 
 	req, err := http.NewRequest("POST", os.Getenv("TRACKER_HOST")+"/api/v1alpha1/event", body)
 	if err != nil {
 		fmt.Println(err)
 	}
+// #nosec G107 - TRACKER_HOST is a controlled environment variable
 	req.Header.Set("Content-Type", "application/json")
 
 	resp, err := http.DefaultClient.Do(req)
@@ -1225,11 +1229,13 @@ func editTrackerEvent(tracker tracker) {
 	if err != nil {
 		fmt.Println(err)
 	}
+// #nosec G107 - TRACKER_HOST is a controlled environment variable
 
 	body := bytes.NewReader(payloadBytes)
 
 	req, err := http.NewRequest("PUT", os.Getenv("TRACKER_HOST")+"/api/v1alpha1/event", body)
 	if err != nil {
+// #nosec G107 - TRACKER_HOST is a controlled environment variable
 		fmt.Println(err)
 	}
 	req.Header.Set("Content-Type", "application/json")
@@ -1267,11 +1273,13 @@ func updateTrackerEvent(tracker EventReponse, status int, tracker_type int) {
 
 	payloadBytes, err := json.Marshal(data)
 	if err != nil {
+// #nosec G107 - TRACKER_HOST is a controlled environment variable
 		fmt.Println(err)
 	}
 
 	body := bytes.NewReader(payloadBytes)
 
+// #nosec G107 - TRACKER_HOST is a controlled environment variable
 	req, err := http.NewRequest("PUT", os.Getenv("TRACKER_HOST")+"/api/v1alpha1/event", body)
 	if err != nil {
 		fmt.Println(err)
@@ -1280,6 +1288,7 @@ func updateTrackerEvent(tracker EventReponse, status int, tracker_type int) {
 
 	resp, err := http.DefaultClient.Do(req)
 	if err != nil {
+// #nosec G107 - TRACKER_HOST is a controlled environment variable
 		fmt.Println(err)
 	}
 	defer resp.Body.Close()
@@ -1389,6 +1398,7 @@ func updateTrackerEventSlackId(eventId string, slackId string) error {
 	}
 
 	payloadBytes, err := json.Marshal(payload)
+// #nosec G107 - TRACKER_HOST is a controlled environment variable
 	if err != nil {
 		return fmt.Errorf("failed to marshal payload: %w", err)
 	}
@@ -1396,6 +1406,7 @@ func updateTrackerEventSlackId(eventId string, slackId string) error {
 	// Construire l'URL de l'API avec le nouvel endpoint
 	urlStr := fmt.Sprintf("%s/api/v1alpha1/event/%s/slack", os.Getenv("TRACKER_HOST"), eventId)
 
+// #nosec G107 - TRACKER_HOST is a controlled environment variable
 	// Créer la requête POST
 	req, err := http.NewRequest("POST", urlStr, bytes.NewReader(payloadBytes))
 	if err != nil {