The function uses recursion and taints its own cwd parameter. Later uses the filesystem cwd to create a relative path to return. This is incorrect since the point of passing in a cwd is for the function to work relative to that, not the filesystem cwd. Alternatively it could rely solely on the filesystem cwd (since the caller has a chance to modify it) and remove the cwd parameter
This bug only manifests when the cwd argument is not the same as the process cwd, such as when running in vscode extension.
I'm not sure what the callsites of this function are since CLI uses its own version of this function (rather, this function is probably based on the one in CLI).
https://github.com/superfaceai/one-sdk-js/blob/2b51b09f214d89e3166a5813ecc91c1048e974be/src/schema-tools/superjson/utils.ts#L52
The function uses recursion and taints its own
cwdparameter. Later uses the filesystem cwd to create a relative path to return. This is incorrect since the point of passing in acwdis for the function to work relative to that, not the filesystem cwd. Alternatively it could rely solely on the filesystem cwd (since the caller has a chance to modify it) and remove thecwdparameterThis bug only manifests when the
cwdargument is not the same as the process cwd, such as when running in vscode extension.I'm not sure what the callsites of this function are since CLI uses its own version of this function (rather, this function is probably based on the one in CLI).