From 586ad8b132b0c45770378e2c6b28c70374f7f9fb Mon Sep 17 00:00:00 2001
From: Waldemar Heinze <mail@wheinze.dev>
Date: Fri, 24 May 2024 02:22:08 +0200
Subject: [PATCH] fix: prefer clean paths to prohibit gosec issues

Also,
- refactor: prefer `os.ReadFile` and `os.WriteFile`
---
 cmd/helpers.go | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/cmd/helpers.go b/cmd/helpers.go
index dbf02ba..9ddfab6 100644
--- a/cmd/helpers.go
+++ b/cmd/helpers.go
@@ -5,7 +5,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"os"
 	"os/exec"
 	"path"
@@ -77,12 +76,14 @@ func replaceWalkFn(path string, info os.FileInfo, pattern string, old, new []byt
 	}
 
 	if matched {
+		cleanedPath := filepath.Clean(path)
+
 		var oldContent []byte
-		if oldContent, err = ioutil.ReadFile(filepath.Clean(path)); err != nil {
+		if oldContent, err = os.ReadFile(cleanedPath); err != nil {
 			return
 		}
 
-		if err = ioutil.WriteFile(path, bytes.Replace(oldContent, old, new, -1), 0); err != nil {
+		if err = os.WriteFile(cleanedPath, bytes.Replace(oldContent, old, new, -1), 0); err != nil {
 			return
 		}
 	}
@@ -92,7 +93,7 @@ func replaceWalkFn(path string, info os.FileInfo, pattern string, old, new []byt
 
 func createFile(filePath, content string) (err error) {
 	var f *os.File
-	if f, err = os.Create(filePath); err != nil {
+	if f, err = os.Create(filepath.Clean(filePath)); err != nil {
 		return
 	}
 
@@ -153,11 +154,11 @@ func storeJson(filename string, v interface{}) error {
 		return err
 	}
 
-	return ioutil.WriteFile(filename, b, 0600)
+	return os.WriteFile(filename, b, 0600)
 }
 
 func loadJson(filename string, v interface{}) error {
-	b, err := ioutil.ReadFile(path.Clean(filename))
+	b, err := os.ReadFile(path.Clean(filename))
 	if err != nil {
 		return err
 	}