Mole/cmd/analyze at 112d1348292ec28fd64cd038808b11209b9bd521 - Mole

mirror of https://github.com/tw93/Mole.git synced 2026-03-22 19:40:07 +00:00

Files

Tw93 9db5488397 security: validate raw path in moveToTrash before filepath.Abs resolves traversal

filepath.Abs resolves ".." components, so the existing validatePath call
on the resolved path could never catch traversal attempts. Move validation
before Abs to reject raw input with "..", keeping the post-Abs check as
defense-in-depth.

2026-03-14 10:39:33 +08:00

analyze_test.go

fix(analyze): add darwin build tag to all platform-specific files

2026-03-14 07:46:32 +08:00

cache.go

fix(analyze): add darwin build tag to all platform-specific files

2026-03-14 07:46:32 +08:00

cleanable.go

fix(analyze): add darwin build tag to all platform-specific files

2026-03-14 07:46:32 +08:00

constants.go

fix(analyze): add darwin build tag to all platform-specific files

2026-03-14 07:46:32 +08:00

delete_test.go

security: validate raw path in moveToTrash before filepath.Abs resolves traversal

2026-03-14 10:39:33 +08:00

delete.go

security: validate raw path in moveToTrash before filepath.Abs resolves traversal

2026-03-14 10:39:33 +08:00

format_test.go

fix(analyze): add darwin build tag to all platform-specific files

2026-03-14 07:46:32 +08:00

format.go

fix(analyze): add darwin build tag to all platform-specific files

2026-03-14 07:46:32 +08:00

heap_test.go

fix(analyze): add darwin build tag to all platform-specific files

2026-03-14 07:46:32 +08:00

heap.go

fix(analyze): add darwin build tag to all platform-specific files

2026-03-14 07:46:32 +08:00

json.go

fix(analyze): count top-level files in json output

2026-03-07 10:10:41 +08:00

main_stub.go

fix(analyze): add darwin build tag to all platform-specific files

2026-03-14 07:46:32 +08:00

main.go

security: fix CodeQL command injection and path traversal alerts

2026-03-14 08:24:08 +08:00

scanner_test.go

fix(analyze): add darwin build tag to all platform-specific files

2026-03-14 07:46:32 +08:00

scanner.go

security: fix CodeQL command injection and path traversal alerts

2026-03-14 08:24:08 +08:00

test_helpers_test.go

fix(analyze): add darwin build tag to all platform-specific files

2026-03-14 07:46:32 +08:00

view.go

optimize analyze scanner concurrency and channel send semantics

2026-02-10 16:23:24 +08:00