Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor: evaluate using safe Golang libraries #2451

Closed
lucasrod16 opened this issue Apr 23, 2024 · 1 comment
Closed

refactor: evaluate using safe Golang libraries #2451

lucasrod16 opened this issue Apr 23, 2024 · 1 comment
Labels
tech-debt 💳 Debt that the team has charged and needs to repay

Comments

@lucasrod16
Copy link
Contributor

Describe what should be investigated or refactored

Evaluate Google's Safe Golang libraries to see if they can/should be used in place of our existing libraries to enhance secure development practices and potentially eliminate attack vectors.

https://bughunters.google.com/blog/4925068200771584/the-family-of-safe-golang-libraries-is-growing

https://github.com/google/safetext
https://github.com/google/safeopen
https://github.com/google/safearchive

Links to any relevant code

TBD
@lucasrod16 lucasrod16 added the tech-debt 💳 Debt that the team has charged and needs to repay label Apr 23, 2024
@lucasrod16
Copy link
Contributor Author

Discussed this with the team and came to the conclusion this work is not necessary for our use cases. Zarf is a CLI tool that accepts mostly trusted input from users. Closing this as not planned

@lucasrod16 lucasrod16 closed this as not planned Won't fix, can't repro, duplicate, stale May 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
tech-debt 💳 Debt that the team has charged and needs to repay
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@lucasrod16