Jason Smalls
1bcb945360
Harden get_meta in archive.py against variants of CVE-2022-35410
2023-07-11 21:31:53 +02:00
jvoisin
9159fe8705
Mention wp-mat in the readme
2023-06-05 19:52:13 +02:00
jvoisin
1b9608aecf
Use proper type annotations instead of comments
2023-05-03 22:28:02 +02:00
jvoisin
2ac8c24dac
Make use of is_dir/isdir for archives
2023-05-03 22:19:19 +02:00
jvoisin
71ecac85b0
Add some documentation about OSX
2023-04-11 21:35:25 +02:00
georg
b9677d8655
CI: codespell: drop obsolete list of ignored words
...
codespell was dropped via a63011b3f6
.
Accordingly, this commit does some cleanup.
2023-03-21 13:18:54 +00:00
georg
6fde80d3e3
CI: shallow clone repository and limit depth to 5
...
The previous commit changed the strategy to 'clone', instead of 'fetch'
as before. While this fixes permission errors, it is also slower, as an
existing checkout of the repository will be ignored. To overcome this,
this commit limits the depth to 5.
2023-03-20 15:11:02 +00:00
georg
6c05360afa
CI: 'clone' git repository instead of 'fetch'
...
While the former is slower, the later might lead to errors such as
"fatal: detected dubious ownership in repository at" which is fixed
GitLab upstream via
https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/3538 , but
not yet released.
Closes #191
2023-03-20 15:10:56 +00:00
georg
596696dfbc
CI: Add python3.{7,8,9,10,11} test jobs
...
Closes #187
2023-03-15 23:38:39 +00:00
jvoisin
daa17a3e9c
Fix the CI on Archlinux
2023-03-12 13:29:46 +01:00
Gu1nn3zz
6061f47231
fix: Typing in the parser factory
2023-03-07 17:37:56 +00:00
georg
8b41764a3e
CI: linting: ruff: specify image
...
Otherwise, this job might fail, depending on the runner which executes
the job, due to different configurations, especially wrt the default
image.
Ref https://0xacab.org/jvoisin/mat2/-/merge_requests/105
2023-03-07 11:25:17 +00:00
Rui Chen
ed0ffa5693
Update pyproject.toml
to include version
2023-02-24 09:12:06 +00:00
jvoisin
b1c03bce72
Bump the changelog
2023-02-23 21:36:46 +01:00
jvoisin
a63011b3f6
Improve the CI
...
- Remove some useless linters
- Make use of ruff
2023-02-20 21:15:07 +01:00
jvoisin
e41390eb64
Explicitly pass a parameter to functools.lru_cache
2023-01-31 20:42:39 +01:00
jvoisin
66a36f6b15
Bump the changelog
2023-01-28 17:55:02 +01:00
jvoisin
3cb3f58084
Another typing pass
2023-01-28 17:22:26 +01:00
jvoisin
39fb254e01
Fix the type annotations
2023-01-28 15:57:20 +00:00
jvoisin
1f73a16ef3
imghdr is deprecated
2023-01-14 15:38:12 +01:00
jvoisin
e8b38f1101
Revert "Simplify a bit the typing annotations of ./mat2"
...
This reverts commit 29057d6cdf
.
2023-01-14 15:35:21 +01:00
jvoisin
8d7230ba16
Fix -l
output
2023-01-07 17:10:02 +01:00
jvoisin
2b02c82e7f
Bump the changelog
2023-01-07 16:52:58 +01:00
Megamind
b00e221675
Make the 'A' in the README ascii art look more "A-like"
2022-12-30 20:05:33 +00:00
jvoisin
62a45c29df
Improve xlsx support
2022-12-25 18:05:13 +01:00
jvoisin
6479d869e4
Remove the Nautilus extension
2022-12-05 20:31:12 +01:00
jvoisin
29057d6cdf
Simplify a bit the typing annotations of ./mat2
2022-11-21 19:58:53 +01:00
jvoisin
180ea24e5a
Remove pyflakes
...
Isn't borderline useless compared to mypy and pylint
2022-11-21 19:57:38 +01:00
jvoisin
618e0a8e39
Fix the tests on the latest Debian
2022-10-09 21:49:07 +02:00
jvoisin
6d93cf9397
Remove deprecated pylint checks
2022-10-09 21:14:20 +02:00
jvoisin
b1a16b334f
Get rid of a deprecated check
...
Nobody should be using Poppler < 0.46
2022-10-09 21:11:02 +02:00
jvoisin
0501359600
Please pylint
2022-10-09 21:04:19 +02:00
jvoisin
cc5be8608b
Simplify the typing annotations
2022-08-28 22:29:06 +02:00
b068931cc450442b 63f5b3d276ea4297
292f44c086
update source and installation
2022-08-24 20:20:02 +02:00
jvoisin
2dd196c2c7
Make use of cache to get binary paths
2022-08-05 20:43:37 +02:00
jvoisin
34eb878aae
Add the CVE number to the changelog
2022-07-08 22:09:22 +02:00
jvoisin
eec5c33a6b
Bump the changelog
2022-07-06 19:20:21 +02:00
jvoisin
beebca4bf1
Prevent arbitrary file read via zip archives
...
A zip file with a file pointing to /etc/passwd would, upon being cleaned by
mat2, produce a file with the filesystem's /etc/passwd file.
2022-07-05 16:27:07 +02:00
jvoisin
e2c4dbf721
Show a scary message in case of path traversal attempt
2022-07-05 15:30:10 +02:00
jvoisin
704367f91e
Add support for HEIC files
...
Thanks to Maxime Morin ( https://www.maijin.fr/ )
for the patch.
2022-05-15 18:57:27 +02:00
jvoisin
2639713709
Minor cleanup
2022-05-05 22:00:09 +02:00
jvoisin
b18e6e11f0
Bump the changelog
2022-04-30 17:31:29 +02:00
jvoisin
62dc8c71c1
Enable gitlab's SAST
2022-04-02 16:19:13 +02:00
jvoisin
697e9583b9
Please the linters
2022-03-29 22:18:06 +02:00
jvoisin
1b37604d3a
Make processing multiple files safer concurrence-wise
2022-03-29 22:15:04 +02:00
jvoisin
1c3e2afa1e
Escape more control chars in the cli
2022-03-29 22:13:55 +02:00
jvoisin
05b8e97b68
Simplification of the testsuite
2022-03-29 22:13:33 +02:00
jvoisin
2a74a400e2
Fix the svg tests on archlinux
2022-03-28 23:22:42 +02:00
jvoisin
5ccddae7f5
Fix the PDF version
...
This should prevent the testsuite from breaking,
and marginally increase fingerprinting resistance.
2022-03-28 22:34:57 +02:00
jvoisin
12582ba2f5
Try to use modern rsvg functions when we can
2022-03-16 20:23:49 +01:00