Remove `A.Cmd`
pellared opened this issue · comments
Robert Pająk commented
The reasons to remove A.Cmd
are the following:
os/exec
is not hardened by default. More: Go blog: Command PATH security in Gogithub.com/goyek/x/cmd
covers most use cases. It can usegolang.org/x/sys/execabs
to be more secure.
Programs build using Go 1.19 has the fix in place. See https://pkg.go.dev/os/exec#hdr-Executables_in_the_current_directory and https://go.dev/blog/go1.19.
- Reduce the API surface. Users can use their own helpers or
github.com/goyek/x/cmd
.