STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Use filepath.Base to sanitize path for archive downloads (#7805)

Browse source
This commit is contained in:
Sam Coe 2023-08-07 07:35:47 -07:00 committed by GitHub
parent f777bec798
commit e0d2fc8eaa
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
pkg/cmd/release/download/download.go
View file

@ -290,7 +290,7 @@ func downloadAsset(dest *destinationWriter, httpClient *http.Client, assetURL, f
return fmt.Errorf("unable to parse file name of archive: %w", err)
}
if serverFileName, ok := params["filename"]; ok {
fileName = filepath.Clean(serverFileName)
fileName = filepath.Base(serverFileName)
} else {
return errors.New("unable to determine file name of archive")
}