fixed another G304 (CWE-22) in tokkenizer

Author: smegg99

Diff for: helpers.go

@@ -3,6 +3,7 @@ package taskwrappr
 
 import (
 	"fmt"
+	"path/filepath"
 	"unicode"
 )
 
@@ -71,3 +72,20 @@ func isReservedVariableName(name string) (bool, LiteralType) {
 	}
 	return false, LiteralUndefined
 }
+
+func sanitizeFilePath(path string) (string, error) {
+	if path == "" {
+		return "", fmt.Errorf("empty file path")
+	}
+
+	absPath, err := filepath.Abs(path)
+    if err != nil {
+        return "", fmt.Errorf("could not determine absolute path: %w", err)
+    }
+
+	if filepath.Ext(absPath) != ".tw" {
+        return "", fmt.Errorf("invalid file type: %s", absPath)
+    }
+
+	return path, nil
+}

Diff for: tokenizer.go

@@ -4,7 +4,6 @@ package taskwrappr
 import (
 	"fmt"
 	"os"
-	"path/filepath"
 	"strconv"
 	"strings"
 	"unicode"
@@ -26,13 +25,13 @@ func (t *Tokenizer) String() string {
 }
 
 func NewTokenizer(filePath string) *Tokenizer {
-	absPath, err := filepath.Abs(filePath)
-    if err != nil {
-		fmt.Println("could not determine absolute path: %w", err)
-        return nil
-    }
+	path, err := sanitizeFilePath(filePath)
+	if err != nil {
+		fmt.Println("error sanitizing file path:", err)
+		return nil
+	}
 
-	source, err := os.ReadFile(absPath)
+	source, err := os.ReadFile(path)
 	if err != nil {
 		fmt.Println("error reading script file:", err)
 		return nil