Kevin Stubbings

Results 9 comments of Kevin Stubbings

@HenryHengZJ it is not. I have submitted. Please respond in the advisories to let me know if you can see the advisories and also if you have any questions regarding...

@HenryHengZJ It has been over two months since I reported these vulnerabilities. Please let me know if you have a timeline when you can fix these issues. Please...

@HenryHengZJ Please let me know if you have had a chance to fix any of these issues. I see these issues have been labeled an enhancement, but a bug would...

@HenryHengZJ Hello, we will be publicly disclosing the security advisories we reported as part of our [Disclosure Policy](https://securitylab.github.com/advisories/#policy) on Jun 28. We have extended the policy from 90 days to...

@amammad please remove Parameter as a source for the dataflow. Even after removing the Parameter source, I am still getting 10 alerts that are all the same path. Putting this...

> What's your reasoning on `filepath.Base`? In particular `filepath.Base("..")` is `".."`, which seems like we shouldn't be letting that through?

That's fair, I found that most developers have used filepath.Base...

@smowton Is the policy for the sanitizers that no true positive can be discarded in exchange for a better FP rate? If so I will remove it because I agree...

Hi @smowton, could you take a look at this again? Thank you.