From e994d293e0cf0d67988878cf63a8d5419f83df3c Mon Sep 17 00:00:00 2001
From: Stefan Spieker <S.Spieker@gmx.net>
Date: Tue, 3 Dec 2024 10:14:42 +0100
Subject: [PATCH] Fixed spotbugs `PATH_TRAVERSAL_IN` issue in `FileBoolean`
 (#9638)

Co-authored-by: Mark Waite <mark.earl.waite@gmail.com>
---
 core/src/main/java/jenkins/util/io/FileBoolean.java | 3 ++-
 core/src/spotbugs/excludesFilter.xml                | 1 -
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/jenkins/util/io/FileBoolean.java b/core/src/main/java/jenkins/util/io/FileBoolean.java
index 82fe7f9b29fc..c6be6c5ef6e4 100644
--- a/core/src/main/java/jenkins/util/io/FileBoolean.java
+++ b/core/src/main/java/jenkins/util/io/FileBoolean.java
@@ -8,6 +8,7 @@
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import jenkins.model.Jenkins;
+import org.apache.commons.io.FilenameUtils;
 
 /**
  * Uses a presence/absence of a file as a persisted boolean storage.
@@ -29,7 +30,7 @@ public FileBoolean(File file) {
     }
 
     public FileBoolean(Class owner, String name) {
-        this(new File(Jenkins.get().getRootDir(), owner.getName().replace('$', '.') + '/' + name));
+        this(new File(Jenkins.get().getRootDir(), FilenameUtils.getName(owner.getName().replace('$', '.') + '/' + name)));
     }
 
     /**
diff --git a/core/src/spotbugs/excludesFilter.xml b/core/src/spotbugs/excludesFilter.xml
index 7d36952fc372..eed82962bded 100644
--- a/core/src/spotbugs/excludesFilter.xml
+++ b/core/src/spotbugs/excludesFilter.xml
@@ -407,7 +407,6 @@
           <Class name="jenkins.slaves.restarter.UnixSlaveRestarter"/>
           <Class name="jenkins.SoloFilePathFilter"/>
           <Class name="jenkins.util.groovy.GroovyHookScript"/>
-          <Class name="jenkins.util.io.FileBoolean"/>
           <Class name="jenkins.util.JavaVMArguments"/>
           <Class name="jenkins.util.SystemProperties"/>
           <Class name="jenkins.util.VirtualFile$FilePathVF"/>