# unrecognized flags should still be diagnosed after the module for
# the requested package has been downloaded and checked for toolchain
# upgrades.


! go install -cake=delicious -modcacherw example.com/printversion@v0.1.0
stderr '^flag provided but not defined: -cake$'
	# Because the -modcacherw flag was set, we should be able to modify the contents
	# of a directory within the module cache.

import java.util.zip.ZipEntry
import java.util.zip.ZipOutputStream


class ZipTest : TestWithTempFiles() {

    @Test
    fun `unzip fails on path traversal attempts`() {

        val maliciousZip = file("malicious.zip").apply {
            ZipOutputStream(outputStream()).use { zip ->
                val content = "suspicious".toByteArray()

    otherwise. Do not persist these and assume they can be read by a future
    version of the library.

5.  Our classes are not designed to protect against a malicious caller. You
    should not use them for communication between trusted and untrusted code.

6.  For the mainline flavor, we test the libraries using OpenJDK 8, 11, and 17

     * and gives an attacker the ability to
     * <a href="https://max.computer/blog/how-to-take-over-the-computer-of-any-java-or-clojure-or-scala-developer/">serve malicious executable code onto the system.</a>
     * </b>
     * <p>
     * See also: