Affected by GO-2022-1019
and 4 other vulnerabilities
GO-2022-1019: lakeFS vulnerable to authenticated users deleting files they are not authorized to delete in github.com/treeverse/lakefs
GO-2023-2012: lakeFS vulnerable to Arbitrary JavaScript Injection via Direct Link to HTML Files in github.com/treeverse/lakefs
GO-2023-2397: User with permission to write actions can impersonate another user when auth token is configured in environment variable in github.com/treeverse/lakefs
GO-2023-2398: lakeFS logs S3 credentials in plain text in github.com/treeverse/lakefs
GO-2024-3291: Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion in github.com/treeverse/lakefs
Match - finds whether the text matches/satisfies the pattern string.
supports '*' and '?' wildcards in the pattern string.
unlike path.Match(), considers a path as a flat name space while matching the pattern.
The difference is illustrated in the example here https://play.golang.org/p/Ega9qgD4Qz .