From e403f473cd4c99ca4381e50884d98b9a14f1c4a7 Mon Sep 17 00:00:00 2001
From: Marc Nuri <marc@marcnuri.com>
Date: Fri, 26 Sep 2025 06:51:18 +0200
Subject: [PATCH 1/2] chore(docs): update tools in README.md

Previous update wasn't made automatically.

Signed-off-by: Marc Nuri <marc@marcnuri.com>
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 5ac9d2fb..303a426a 100644
--- a/README.md
+++ b/README.md
@@ -261,7 +261,7 @@ The following sets of tools are available (all on by default):
   - `name` (`string`) **(required)** - Name of the Pod to get the logs from
   - `namespace` (`string`) - Namespace to get the Pod logs from
   - `previous` (`boolean`) - Return previous terminated container logs (Optional)
-  - `tail` (`number`) - Number of lines to retrieve from the end of the logs (Optional, default: 100)
+  - `tail` (`integer`) - Number of lines to retrieve from the end of the logs (Optional, default: 100)
 
 - **pods_run** - Run a Kubernetes Pod in the current or provided namespace with the provided container image and optional name
   - `image` (`string`) **(required)** - Container Image to run in the Pod

From 84b773890cb74f492c2a109be4a4e28efaa2d110 Mon Sep 17 00:00:00 2001
From: Marc Nuri <marc@marcnuri.com>
Date: Fri, 26 Sep 2025 06:51:58 +0200
Subject: [PATCH 2/2] chore(security): try to fix snyk security issues

Even after the fix, Snyk seems to be reporting false positives.

Signed-off-by: Marc Nuri <marc@marcnuri.com>
---
 internal/tools/update-readme/main.go | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/internal/tools/update-readme/main.go b/internal/tools/update-readme/main.go
index 837b27d1..cdf695fc 100644
--- a/internal/tools/update-readme/main.go
+++ b/internal/tools/update-readme/main.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"maps"
 	"os"
+	"path/filepath"
 	"slices"
 	"strings"
 
@@ -25,7 +26,14 @@ func (o *OpenShift) IsOpenShift(ctx context.Context) bool {
 var _ internalk8s.Openshift = (*OpenShift)(nil)
 
 func main() {
-	readme, err := os.ReadFile(os.Args[1])
+	// Snyk reports false positive unless we flow the args through filepath.Clean and filepath.Localize in this specific order
+	var err error
+	localReadmePath := filepath.Clean(os.Args[1])
+	localReadmePath, err = filepath.Localize(localReadmePath)
+	if err != nil {
+		panic(err)
+	}
+	readme, err := os.ReadFile(localReadmePath)
 	if err != nil {
 		panic(err)
 	}
@@ -81,7 +89,7 @@ func main() {
 		toolsetTools.String(),
 	)
 
-	if err := os.WriteFile(os.Args[1], []byte(updated), 0o644); err != nil {
+	if err := os.WriteFile(localReadmePath, []byte(updated), 0o644); err != nil {
 		panic(err)
 	}
 }