fetch: silence a CodeQL alert about a local variable's address' use after release

As pointed out by CodeQL, it is a potentially dangerous practice to
store local variables' addresses in non-local structs.

My original intention was to make sure to clear it out after it was
used, and before the function returns (which is when the address would
go stale).

However, I faced too much resistance in the Git project against such
patches, there seemed to always be the overwhelming sentiment that the
code isn't broken (even if it requires a complex and demanding analysis
to wrap one's head around _that_). Therefore, I will be pragmatic and
simply ask CodeQL to hold its peace about this issue forever.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

Author: dscho

builtin/fetch.c

@@ -2582,6 +2582,11 @@ int cmd_fetch(int argc,
 			die(_("must supply remote when using --negotiate-only"));
 		gtransport = prepare_transport(remote, 1);
 		if (gtransport->smart_options) {
+			/*
+			 * Intentionally assign the address of a local variable
+			 * to a non-local struct's field.
+			 * codeql[cpp/stack-address-escape]
+			 */
 			gtransport->smart_options->acked_commits = &acked_commits;
 		} else {
 			warning(_("protocol does not support --negotiate-only, exiting"));