Content-Length: 253799 | pFad | http://github.com/helm/helm/pull/13634

2E Ensuring the file paths are clean prior to passing to securejoin (v3 backport) by mattfarina · Pull Request #13634 · helm/helm · GitHub
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensuring the file paths are clean prior to passing to securejoin (v3 backport) #13634

Open
wants to merge 1 commit into
base: dev-v3
Choose a base branch
from
Open

Ensuring the file paths are clean prior to passing to securejoin (v3 backport) #13634

wants to merge 1 commit into from
+6 −0

Conversation

mattfarina
Copy link
Collaborator

securejoin v0.4.0 made a possibly breaking change. Only clean paths are safe to pass to SecureJoin or they could return an error or have the wrong path. The details are in the release notes for v0.4.0.

This change ensures the paths are clean prior to passing to SecureJoin.

What this PR does / why we need it: This is the backport of #13633. This is needed prior to merging #13631 to ensure that no users are broken. securejoin had a possibly breaking change and this accounts for it.

Special notes for your reviewer:

If applicable:

  • this PR contains user facing changes (the docs needed label should be applied if so)
  • this PR contains unit tests
  • this PR has been tested for backwards compatibility

@mattfarina
Ensuring the file paths are clean prior to passing to securejoin
fba9d08 
securejoin v0.4.0 made a possibly breaking change. Only clean paths
are safe to pass to SecureJoin or they could return an error or
have the wrong path. The details are in the release notes for v0.4.0.

This change ensures the paths are clean prior to passing to SecureJoin.

Signed-off-by: Matt Farina <matt.farina@suse.com>
(cherry picked from commit 35a9ead)
@mattfarina mattfarina added this to the 3.18.0 milestone Jan 14, 2025
@pull-request-size pull-request-size bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Jan 14, 2025
@mattfarina mattfarina mentioned this pull request Jan 14, 2025
Open
robertsirc
robertsirc approved these changes Jan 15, 2025
View reviewed changes
Copy link
Contributor

@robertsirc robertsirc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@robertsirc robertsirc robertsirc approved these changes

Assignees
No one assigned
Labels
size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
3.18.0
Development

Successfully merging this pull request may close these issues.
2 participants
@mattfarina @robertsirc








ApplySandwichStrip

pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier!      Saves Data!


--- a PPN by Garber Painting Akron. With Image Size Reduction included!

Fetched URL: http://github.com/helm/helm/pull/13634

Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy