IMO this whole thing is largely a non-issue. If someone can tamper the source tarballs that we install our software from, we have much more to worry about than path traversal.
IMO this whole thing is largely a non-issue. If someone can tamper the source tarballs that we install our software from, we have much more to worry about than path traversal.