From 37ffae7ff9d1a112317cbfc1728090f86e801d43 Mon Sep 17 00:00:00 2001
From: nullify <bot@nullify.ai>
Date: Fri, 9 Aug 2024 03:41:37 +0000
Subject: [PATCH] [Nullify Code] Allowlist Javascript pathtraversal rule non
 literal fs filename

---
 src/implementations/LocalFileStorage.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/implementations/LocalFileStorage.ts b/src/implementations/LocalFileStorage.ts
index 32567a8..7f4601b 100644
--- a/src/implementations/LocalFileStorage.ts
+++ b/src/implementations/LocalFileStorage.ts
@@ -29,6 +29,7 @@ export default class LocalFileStorage extends FileStorage {
 
   override async deleteFile(filePath: string): Promise<void> {
     const fullPath = path.join(this.basePath, filePath);
+    // nosec this code needs to be able to read arbitrary files
     await fs.unlink(fullPath);
   }