search

cloudfoundry / bosh-softlayer-cpi-release

An external BOSH CPI for the SoftLayer cloud written in Golang
Apache License 2.0
14 stars 20 forks source link

`Potential file inclusion via variable` from GoSec scan #304

Closed mattcui closed 6 years ago

mattcui commented 6 years ago

Reference -> https://stackoverflow.com/questions/52320708/how-to-handle-gosec-linter-warning-potential-file-inclusion-via-variable/52321435

cf-gitbot commented 6 years ago

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/162230719

The labels on this github issue will be updated when the story is started.

edwardstudy commented 6 years ago

Use filepath.Clean(filePath) to clean up file path