From e0d2fc8eaabd62f06058df10ffbccd02a67d4c5c Mon Sep 17 00:00:00 2001
From: Sam Coe <samcoe@users.noreply.github.com>
Date: Mon, 7 Aug 2023 07:35:47 -0700
Subject: [PATCH] Use filepath.Base to sanitize path for archive downloads
 (#7805)

---
 pkg/cmd/release/download/download.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/cmd/release/download/download.go b/pkg/cmd/release/download/download.go
index 16e95db29..bab6bd19b 100644
--- a/pkg/cmd/release/download/download.go
+++ b/pkg/cmd/release/download/download.go
@@ -290,7 +290,7 @@ func downloadAsset(dest *destinationWriter, httpClient *http.Client, assetURL, f
 			return fmt.Errorf("unable to parse file name of archive: %w", err)
 		}
 		if serverFileName, ok := params["filename"]; ok {
-			fileName = filepath.Clean(serverFileName)
+			fileName = filepath.Base(serverFileName)
 		} else {
 			return errors.New("unable to determine file name of archive")
 		}