Affected by GO-2022-0395 and 4 other vulnerabilities

GO-2022-0395: GitHub CLI can execute a git binary from the current directory in github.com/cli/cli

GO-2024-3269: Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer in github.com/cli/cli

GO-2024-3296: Recursive repository cloning can leak authentication tokens to non-GitHub submodule hosts in github.com/cli/cli

GO-2024-3310: Downloading malicious GitHub Actions workflow artifact results in path traversal vulnerability in github.com/cli/cli

GO-2025-3467: `gh attestation verify` returns incorrect exit code during verification if no attestations are present in github.com/cli/cli

The highest tagged major version is v2.

command

package

v1.1.0 Latest Latest Go to latest Published: Oct 6, 2020 License: MIT Imports: 8 Imported by: 0

Details

This section is empty.

View Source

var BuildDate = "" // YYYY-MM-DD

BuildDate is dynamically set at build time in the Makefile.

View Source

var Version = "DEV"

Version is dynamically set by the toolchain or overridden by the Makefile.

func BasicClient() (*api.Client, error)

BasicClient returns an API client for github.com only that borrows from but does not depend on user configuration

This section is empty.