From c030d43bc8e3003715a3de91972b1a594039d262 Mon Sep 17 00:00:00 2001
From: k0ral
Date: Fri, 21 Jul 2023 15:13:42 +0200
Subject: [PATCH] Use a sentinel error when blocking paths for `RepositoriesServices.GetContents` (#2837)

---
 github/repos_contents.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/github/repos_contents.go b/github/repos_contents.go
index 874a327728..e859a4ddca 100644
--- github/repos_contents.go
+++ github/repos_contents.go
@@ -21,6 +21,8 @@ import (
 "strings"
 )
 
+var ErrPathForbidden = errors.New("path must not contain '..' due to auth vulnerability issue")
+
 // RepositoryContent represents a file or directory in a github repository.
 type RepositoryContent struct {
 Type *string `json:"type,omitempty"`
@@ -198,7 +200,7 @@ func (s *RepositoriesService) DownloadContentsWithMeta(ctx context.Context, owne
 // GitHub API docs: https://docs.github.com/en/rest/repos/contents#get-repository-content
 func (s *RepositoriesService) GetContents(ctx context.Context, owner, repo, path string, opts *RepositoryContentGetOptions) (fileContent *RepositoryContent, directoryContent []*RepositoryContent, resp *Response, err error) {
 if strings.Contains(path, "..") {
- return nil, nil, nil, errors.New("path must not contain '..' due to auth vulnerability issue")
+ return nil, nil, nil, ErrPathForbidden
 }
 
 escapedPath := (&url.URL{Path: strings.TrimSuffix(path, "/")}).String()
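Review bot: The exported `ErrPathForbidden` added after the import block in the first hunk has no doc comment, so importers are not told when it is returned or how to match it. I would add `// ErrPathForbidden is returned by RepositoriesService.GetContents when path contains "..".` directly above the declaration, and mention there that callers should test for it with `errors.Is` rather than comparing the message text. The message itself is carried over unchanged from the old inline error, which keeps any existing string-matching callers working.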
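Review bot: The guard at the top of `GetContents` in the second hunk is a substring match, so it rejects every path containing two consecutive dots, including a file name such as `a..b` (constructed example), and with the sentinel that fail-closed behaviour becomes something callers can branch on. Keeping the check broad is reasonable for a mitigation, but the method's doc comment should state it, for example `// GetContents returns ErrPathForbidden if path contains "..", even inside a file name.` Most of that doc comment and the rest of the body lie outside the hunk, so it may already say this. It is also not visible here whether the other path-taking methods in this file, such as `DownloadContentsWithMeta` named in the hunk header, pass through this check, which is worth confirming so the mitigation applies uniformly.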