Skip to content

Commit d372380

Browse files
manusamanusa
authored
chore(security): try to fix snyk security issues (#345)
* chore(docs): update tools in README.md Previous update wasn't made automatically. Signed-off-by: Marc Nuri <[email protected]> * chore(security): try to fix snyk security issues Even after the fix, Snyk seems to be reporting false positives. Signed-off-by: Marc Nuri <[email protected]> --------- Signed-off-by: Marc Nuri <[email protected]>
1 parent 792d2f5 commit d372380

File tree

2 files changed

+11
-3
lines changed

2 files changed

+11
-3
lines changed

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -261,7 +261,7 @@ The following sets of tools are available (all on by default):
261261
- `name` (`string`) **(required)** - Name of the Pod to get the logs from
262262
- `namespace` (`string`) - Namespace to get the Pod logs from
263263
- `previous` (`boolean`) - Return previous terminated container logs (Optional)
264-
- `tail` (`number`) - Number of lines to retrieve from the end of the logs (Optional, default: 100)
264+
- `tail` (`integer`) - Number of lines to retrieve from the end of the logs (Optional, default: 100)
265265

266266
- **pods_run** - Run a Kubernetes Pod in the current or provided namespace with the provided container image and optional name
267267
- `image` (`string`) **(required)** - Container Image to run in the Pod

internal/tools/update-readme/main.go

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ import (
55
"fmt"
66
"maps"
77
"os"
8+
"path/filepath"
89
"slices"
910
"strings"
1011

@@ -25,7 +26,14 @@ func (o *OpenShift) IsOpenShift(ctx context.Context) bool {
2526
var _ internalk8s.Openshift = (*OpenShift)(nil)
2627

2728
func main() {
28-
readme, err := os.ReadFile(os.Args[1])
29+
// Snyk reports false positive unless we flow the args through filepath.Clean and filepath.Localize in this specific order
30+
var err error
31+
localReadmePath := filepath.Clean(os.Args[1])
32+
localReadmePath, err = filepath.Localize(localReadmePath)
33+
if err != nil {
34+
panic(err)
35+
}
36+
readme, err := os.ReadFile(localReadmePath)
2937
if err != nil {
3038
panic(err)
3139
}
@@ -81,7 +89,7 @@ func main() {
8189
toolsetTools.String(),
8290
)
8391

84-
if err := os.WriteFile(os.Args[1], []byte(updated), 0o644); err != nil {
92+
if err := os.WriteFile(localReadmePath, []byte(updated), 0o644); err != nil {
8593
panic(err)
8694
}
8795
}

0 commit comments

Comments
 (0)