Skip to content

fix(core): allow double-dot filenames while still blocking path traversal #673

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
jope-bm merged 2 commits into from
Mar 16, 2026
+81 −4

fix(core): harden traversal check against Windows dot/space normaliza…

3903d35
Select commit
Loading
Failed to load commit list.
Merged

fix(core): allow double-dot filenames while still blocking path traversal #673

fix(core): harden traversal check against Windows dot/space normaliza…
3903d35
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / CodeQL succeeded Mar 16, 2026 in 3s

No new alerts in code changed by this pull request

View all branch alerts.